1ad92bd985c91c1b251c828b66d649e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ad92bd985c91c1b251c828b66d649e9
Size

4.0MB
MD5

1ad92bd985c91c1b251c828b66d649e9
SHA1

7ec70642b4331ea443d85efb285023b04f5e66a2
SHA256

9ffaae3b80ec9717d72fe2992814bb3a2ce8339af33772d70707ef13582ae18d
SHA512

b2ecf83bdfb37c53cdeed16876cf10e3fd156c4e49359643a79d2328a460f9b2e14f78f7432325fe50a500631e83bfb8617995de2a974fdd6e6b9289712f16c7
SSDEEP

98304:iaPE/tW2aJpqt/3o8CNl7bl2IzWsLS35xyuY/b2O:iaPE/tW2SYo8MlfYIzWqsyr/f

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ad92bd985c91c1b251c828b66d649e9

Files

1ad92bd985c91c1b251c828b66d649e9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 640KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE