130b8be8897ba3d39a63a5412fc2aeef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

130b8be8897ba3d39a63a5412fc2aeef
Size

5.1MB
MD5

130b8be8897ba3d39a63a5412fc2aeef
SHA1

d51fcea0e8874d64330318634be015c922c218c1
SHA256

45be7aaadf0da50bdcbc9b8cdffb5565fd168f72963c8cdba9a352ae08e6e32b
SHA512

f1ec195a17fac23250c344ea1edd25782b1d1e221f840889e1fa18854595731b49fbb17f9a0c3f506c135209f5a9b06eab7f9624e6c90f423504ee220cb4b682
SSDEEP

98304:ooGOW3/n49jvbVluE4j6c6jty/TXvp3lxFG5XQ:ooGNCjvBluE4AtQpjyA

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130b8be8897ba3d39a63a5412fc2aeef

Files

130b8be8897ba3d39a63a5412fc2aeef
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 444KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 14.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.2MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE