0b2b19b37bf592779ceb88311bed24bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b2b19b37bf592779ceb88311bed24bc
Size

403KB
MD5

0b2b19b37bf592779ceb88311bed24bc
SHA1

41256e1cc50e3925c18e7659ed3f7dcd8dc1e762
SHA256

9ab4f8b80d905cf4cf1653145c0f69234e89510ec74b51e6d7c5ee7b81fcf230
SHA512

953d1ffc36ab0114843689559fe603db332efbb9dbaf982be911b6981616a72aaff50e8e9f16399edaacdf117cc50b02a0a68b9133b2415cfa9854592b6d73f3
SSDEEP

12288:dRTpO+0W5jEEclkfPTJbYFZl6LHXa7I5MDfee:3TpnlEXkfP1iWrXpMje

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b2b19b37bf592779ceb88311bed24bc

Files

0b2b19b37bf592779ceb88311bed24bc
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 17KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 380KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE