7c1db17ff5cada2d7a27d222848efc4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c1db17ff5cada2d7a27d222848efc4f
Size

244KB
MD5

7c1db17ff5cada2d7a27d222848efc4f
SHA1

ad6d0d4d40b9c2058246b75f68d629223336e8f1
SHA256

dbc949614ce7dd779e8673e61aff4d58565a7f92e5c69fcf867c00508590162c
SHA512

ff1b14044a524a18440d11e8a42f9e87882ac3bef25d100987d52976aacb3dac6a7dfeab79e29f66d505eb02b1cc5e1694ab72fdc671d1f73a87f7f2644d6adf
SSDEEP

6144:NkhkH3qiux3dNoARVcp9DUUdm+yCXrURXqdQN:NqkH3h87cp9DUU/AZBN

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c1db17ff5cada2d7a27d222848efc4f

Files

7c1db17ff5cada2d7a27d222848efc4f
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

Size: 39KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 644KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE