53c02f343d2ce6c6439ed006f8987468 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53c02f343d2ce6c6439ed006f8987468
Size

4.7MB
MD5

53c02f343d2ce6c6439ed006f8987468
SHA1

20a2b343972a3947b3da40464cb5aaaad2aaaeaa
SHA256

ddbc460c0e06f8fff13bb16d0eed01e935713bfeff8d574a02b36a5bf1ca2ece
SHA512

916a272d5d01f016ab077ccf2942f61fd42f6db0e8b3d6294aa283c8ee2a302e21261f53c9032b8a9ce09ca4e0aa9cdb7223c187742eb5efa93bd8fae2c58e43
SSDEEP

98304:mIL/wJbKW2mu5RODo29oV00rn02GiesXX1LeWKZEhUhBWCILIu4Eb:mILYJbKxCbfr2pesnQWydGCgb

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53c02f343d2ce6c6439ed006f8987468

Files

53c02f343d2ce6c6439ed006f8987468
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 391KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE