014b345b1d2f0243def5d402241a0d23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

014b345b1d2f0243def5d402241a0d23
Size

700KB
MD5

014b345b1d2f0243def5d402241a0d23
SHA1

a4d7b7d901ba4886ea93a5240018cffe7fcca169
SHA256

15ab92f539015797b185b18dbcc046ee44fc112ea55fc132d2a470eee353068b
SHA512

c08486c19f8b93520daf3930447aba62071e3d2671077e3d6792db062b239c95b40cf4d6a85bd0e0621bf3ed68d3afadf9ee68343fdd972902a21d47c679414c
SSDEEP

12288:pu0C6Dj3gYJzYjve/QH7D0LtXaU6J5N33h3l9UaB/AGz0igPKxQryUpmEqOVtS:puqlw4tL1bk33lVCGz7VxKmEqStS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014b345b1d2f0243def5d402241a0d23

Files

014b345b1d2f0243def5d402241a0d23
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

A6F86D2D67D9403eA725820C4EF210A2
A6F92A92B69B4082AB0F9C7A9C1FF10C
CheckRuntime
EC1DB9C1620C48588C4701045B242FA9
GetCpuID
GetDiskID
GetMacID
MainDLL

Sections

Size: 96KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 576KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE