28bbbd73d67f6a1e0de927ac8947225f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28bbbd73d67f6a1e0de927ac8947225f
Size

488KB
MD5

28bbbd73d67f6a1e0de927ac8947225f
SHA1

f64fe7779c65324e022abfb963f8fe1e5285ee92
SHA256

2650058f4859257c521cad3ade0ec0530fa265def927d71b454a4b54c805e12f
SHA512

8ce8f2ec172278fd108faef0c3eed7e622934751449afa90ee6787ee9886a8e5a804b7ca4c7fc54bc653309aa8f3fec97188aab8bdf1d8fe647842944715c729
SSDEEP

12288:nghlsJWOCKWde/wM3RsdNGYS3FtAgzCE6/z:nclsJToGwGRyNGYoSg2E6

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28bbbd73d67f6a1e0de927ac8947225f

Files

28bbbd73d67f6a1e0de927ac8947225f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 24KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 456KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE