286f5e0925276d0436bad3545ed51887 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

286f5e0925276d0436bad3545ed51887
Size

1.3MB
MD5

286f5e0925276d0436bad3545ed51887
SHA1

6fcc70fa492220cf5ed4237f12388175496c7bda
SHA256

75d0352be068a0905d091d89671a9a678354c78e50e4474ed1845ee089105a4c
SHA512

753365128597674ade8a8e8b57615c759b4ea4e1d3a8c77ea167bba5182f846e32333d0980a33282b4e177a87bcdfa50b882b6c7e03c416ad4db018b8d7246e2
SSDEEP

24576:H4XNWK2jsU0J02Edpzv72XHpVuD4DBY1dmMS/7YfR/PHX:Ydcb262XJJBSYn7iR/vX

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
286f5e0925276d0436bad3545ed51887

Files

286f5e0925276d0436bad3545ed51887
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 11KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.3MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE