4d70b4bb28821f8a8edd5dbd01fa9cfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d70b4bb28821f8a8edd5dbd01fa9cfc
Size

444KB
MD5

4d70b4bb28821f8a8edd5dbd01fa9cfc
SHA1

f51ce91ca98a2468ebf1fdeb5d2a06b7f8a2cba7
SHA256

122e6424ce89653e5f5ca1ec8d99fc6b44e04ebda955133e71aef6ae5a37e06d
SHA512

e6a0401221b38835d9767ae05cc8cc43bb13e40907c0abb3b17d5658a7eed679c4f3324f3f8a22d26d2278ddb60f9f97f3d5c7b3e20428b7bf3fffa4002dcf3a
SSDEEP

12288:bFFwHC1qtJqmfKSsaNfZOv6frndW9bEbuQ:bxqtJqwKSsS8gngES

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d70b4bb28821f8a8edd5dbd01fa9cfc

Files

4d70b4bb28821f8a8edd5dbd01fa9cfc
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 13KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 426KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE