07bcd344d6fd04eef3325048fa2b3927 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07bcd344d6fd04eef3325048fa2b3927
Size

26.8MB
MD5

07bcd344d6fd04eef3325048fa2b3927
SHA1

d5b78f983aba9156ba8baa45dc59e9d71204c8d9
SHA256

13565e1c6b073dd58e8283f2d47c9aee8e94f8980014aab39507aedc11f227dc
SHA512

7cadbab2b811f150c972e6e9edae7bddd6903bdc1b5d48df6072cc4d7f291230fd76796575c849dde23cf573c55a02a8dbb44fd5a9e682a7c7870b5e3704d1ef
SSDEEP

786432:3kNqqnfki2LkqAaDlHSYjMXqXuJiL2OdUh:3F1LkhagY8qXY

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07bcd344d6fd04eef3325048fa2b3927

Files

07bcd344d6fd04eef3325048fa2b3927
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 21.4MB - Virtual size: 21.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE