3bf9d28d8bb933b168aa02da66efc4dc | Triage

Sharing

General

Target

3bf9d28d8bb933b168aa02da66efc4dc
Size

832KB
MD5

3bf9d28d8bb933b168aa02da66efc4dc
SHA1

23961d25cb87f78a75b51b4a03c6e089e7364645
SHA256

edc1da249a0825c677e62d97c004ea1f2fb8985658e3def7fad28ee865c59cdb
SHA512

885ca39837be879d42f49b58c73564bf5e2951f2aac137ee2eb9c7ee359351527136bc8da0d0295ca70121fec4d71fbce21d77187a63cfdc7e8214e38d6b06f0
SSDEEP

24576:MF4/g/zRrA/VdBzcV/PsjF0fxyx++yUxlh:MmY9GjM0jFYxy+2h

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bf9d28d8bb933b168aa02da66efc4dc

Files

3bf9d28d8bb933b168aa02da66efc4dc
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 212KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 600KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE