55538671f01f5ac3fa23a6c7729c03ec

Sharing

Copy URL Twitter E-mail

General

Target

55538671f01f5ac3fa23a6c7729c03ec
Size

2.3MB
MD5

55538671f01f5ac3fa23a6c7729c03ec
SHA1

c951b442560e847ff3b812f8e4a863414291e128
SHA256

c9c9e4b0dbee475f686757cdb5ac0bb8cc836525759fa12cb900e27ea47386f2
SHA512

d2ff7a33694aaf719e758d6f36c9e57a36e3e4303274c1e737fe20fd9bd0fcee392d5a798168868191150701ad829c76e2fcd7686b88d5ddfa8eb4c3f9079beb
SSDEEP

49152:V2jB9446V7YuJatjRIp90xXldnKnG9C5ba4i5BFirY4Zq:VzdquJaRs0RKnuAba4iPFiro

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55538671f01f5ac3fa23a6c7729c03ec

Files

55538671f01f5ac3fa23a6c7729c03ec
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 82KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 31KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 687B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 131B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 333B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 82KB - Virtual size: 152KB

Size: 31KB - Virtual size: 72KB

Size: 687B - Virtual size: 11KB

Size: 4KB - Virtual size: 8KB

Size: 131B - Virtual size: 244B

Size: 333B - Virtual size: 648B

Size: 1KB - Virtual size: 2KB

.imports Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.themida Size: - Virtual size: 3.3MB

.boot Size: 2.2MB - Virtual size: 2.2MB

.taggant Size: 8KB - Virtual size: 8KB

.imports
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.themida
Size: - Virtual size: 3.3MB

.boot
Size: 2.2MB - Virtual size: 2.2MB

.taggant
Size: 8KB - Virtual size: 8KB