2723145de8a98de16349ee3766a0c32e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2723145de8a98de16349ee3766a0c32e
Size

460KB
MD5

2723145de8a98de16349ee3766a0c32e
SHA1

1b7c386d5a4e6194ba359f3051c0d8bbf0836abc
SHA256

3d4ff2e7dc0830e525aadefd557ccfea47c4b9a61bcdecd1cca2d9949cd9687e
SHA512

3098160c26d714ba73579f0af37f591a1d26c240dcc097aa971c8bc3a39c9da19751da3eb997e78ce0d1a1a19b7e6ef8f22c9e1eac62401899a86524a1051245
SSDEEP

12288:1Pf2GR54G2j+PhGdgXr3vFnQCfGYZ++wHgN:1PxQG2jtGNnhUv

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2723145de8a98de16349ee3766a0c32e

Files

2723145de8a98de16349ee3766a0c32e
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

start

Sections

Size: 24KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 428KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE