5d90b27d4c71e34340327c31324f9f0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d90b27d4c71e34340327c31324f9f0a
Size

1.2MB
MD5

5d90b27d4c71e34340327c31324f9f0a
SHA1

d2a9e35bbf3506410a31045068c4b70c7698b56e
SHA256

4a276f9a28eee85cadd734cdcf658f64f510cc72d5ac0849442244f28446b94e
SHA512

775402c3fe03c69973891837855565b97c11084a472c01449b1ea03cdd9bb480f30b5d872d3fc66f5f32ea8945842c513dd8e0e7901dac6db4ab2cf22dc1df50
SSDEEP

24576:KHawutrulOpnkrz6dx4hmbb8bt8KBWMsS3eSS/:aadtrul8krmdy6fSeSS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d90b27d4c71e34340327c31324f9f0a

Files

5d90b27d4c71e34340327c31324f9f0a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 21KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.1MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE