47de121ddb9b6a8435c7f46d4eb6c087 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47de121ddb9b6a8435c7f46d4eb6c087
Size

931KB
MD5

47de121ddb9b6a8435c7f46d4eb6c087
SHA1

58307fe58a06bae88256f06e91cd657a0828aa8f
SHA256

b1ba0725f77342dcc7e50bbdc9569ad7952499a93467faf32c87764269ffec39
SHA512

026b7489fc8deb645413f7e3143ae29356544e5e84cfcd3484a96d2dbc041e2ff3727bc527d94aa080c60f62444eb311c2881c635cf2d7aaf02bdcc7283ac81c
SSDEEP

24576:F5M9o7bWGFhkCSc4lIT47pn6x5QPdcMBT:FO9QWG//4tF6YcMF

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47de121ddb9b6a8435c7f46d4eb6c087

Files

47de121ddb9b6a8435c7f46d4eb6c087
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 312KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 604KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE