Artic_Solutions[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Artic_Solutions.exe
Size

3.7MB
MD5

b621bdcadf0f211b900eb59cbb87e289
SHA1

aa8515d6f96b78adfcd813acf741a6e7733de5e9
SHA256

473c90c16001e642ec70671275b8cbe8e53bc3d2d9d800420757a2e77ce636d0
SHA512

0a7be5d1ac8905f8232a96972d7909d79f613e0e1d90e0b456a33439c6eed793f4d70bbe45f13d70ea98875481d2a326b10a3f407e360b19a00c37c44a09ae1a
SSDEEP

98304:oddNnTFBbcx0r070DZtqxSC3mnr/r44dcWgC:+Tna0HjGmrk4qK

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Artic_Solutions.exe

Files

Artic_Solutions.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 241KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 76KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 422B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 275B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 241KB - Virtual size: 529KB

Size: 76KB - Virtual size: 440KB

Size: 422B - Virtual size: 4KB

Size: 10KB - Virtual size: 17KB

Size: 275B - Virtual size: 488B

Size: 1KB - Virtual size: 1KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 5KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 5.7MB

.boot Size: 3.3MB - Virtual size: 3.3MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.7MB

.boot
Size: 3.3MB - Virtual size: 3.3MB

.reloc
Size: 16B - Virtual size: 4KB