1537c5b5599b97a8df8f87020d78586c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1537c5b5599b97a8df8f87020d78586c
Size

8.4MB
MD5

1537c5b5599b97a8df8f87020d78586c
SHA1

77b8aec2b54621dedf545389d8e25ed23ef561c9
SHA256

3f06bd4a9ef9436ab20887e977a2be8bb6707f4eb597adc5ee7f7b5a7885c00a
SHA512

1cb3e1b2f7cfbc35a6afb4535a2605c1c9341baa9d6f7a00835c3f52036f4631b41935026bc7838b3418924d74ae36cfef5725ead134a8814165634fd098ec03
SSDEEP

98304:SHhAVqwf6rk0RCDC/Bh6xAyaBp0aRoo0MPxnR4Pu7Wnr4tKIgFYP3whFuPSEqrDx:SHh0qHwG5hty4u7pFYwY5onPr9v

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1537c5b5599b97a8df8f87020d78586c

Files

1537c5b5599b97a8df8f87020d78586c
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE