3a100a7bd78fb0bbbc75c48c1454dfc6

Sharing

Copy URL Twitter E-mail

General

Target

3a100a7bd78fb0bbbc75c48c1454dfc6
Size

19.7MB
MD5

3a100a7bd78fb0bbbc75c48c1454dfc6
SHA1

c1656d93c6bd32c053481e382e26c9ac1e6151a1
SHA256

134c84af68fddff6dd48fa1d03a02c3af29d41999f67f627ea57041caeef53cc
SHA512

f3e2ac1719b790b7cc7df1592a7d4ea4b0122f3bf8b780eb446b5b8a332636694480229342f4239d618293c45023127b0113f760e4aa1b29c3a3ea3a0178cbeb
SSDEEP

393216:f9T6vb5gLRtGqvV/Im9KNG+IZZG4mW8l1oyVk7KT05D/N:f9cUtGqvVQm9+0wFj1k7Jj

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a100a7bd78fb0bbbc75c48c1454dfc6

Files

3a100a7bd78fb0bbbc75c48c1454dfc6
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 449KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 108KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 11KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 40KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 15KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 28.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 19.1MB - Virtual size: 19.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 449KB - Virtual size: 944KB

Size: 108KB - Virtual size: 328KB

Size: 11KB - Virtual size: 50KB

Size: 40KB - Virtual size: 69KB

Size: 15KB - Virtual size: 59KB

Size: 2KB - Virtual size: 9KB

Size: 2KB - Virtual size: 4KB

Size: 3KB - Virtual size: 10KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 28.1MB

.boot Size: 19.1MB - Virtual size: 19.1MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 28.1MB

.boot
Size: 19.1MB - Virtual size: 19.1MB

.reloc
Size: 16B - Virtual size: 4KB