282b4616233f1dc31f6f3604f00cfe86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

282b4616233f1dc31f6f3604f00cfe86
Size

5.4MB
MD5

282b4616233f1dc31f6f3604f00cfe86
SHA1

39fa287bf97c28adbae44307160ef64d99f82124
SHA256

e5199f885d3ae7665071274462b6b47e25fb1ef30dd0b2d47336dd4e4b55fd5e
SHA512

de4876598402d88221d8d66fe13c8a844bc6765b763352cb567e50c850bb51c8a785edad162b8980dd14dc9a0c85ab8dd176bb033a418d396c5744fea46637a1
SSDEEP

98304:DvTs9jWT1uKWlC4knFBoK6h/VVr9Wh1fT2IJng+aU8xPtHty8G5kZ:DvTs9jWT0Ke3knft6htv8172Og+Y3Y8T

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
282b4616233f1dc31f6f3604f00cfe86

Files

282b4616233f1dc31f6f3604f00cfe86
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 429KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.3MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE