58b61b01f847a6699c6fc76d5d422441 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58b61b01f847a6699c6fc76d5d422441
Size

5.6MB
MD5

58b61b01f847a6699c6fc76d5d422441
SHA1

05e2902da549bcdcd482b6c1386989a940f78a98
SHA256

04c0bea905c97c8a483cc2733d6ceb96fa1b1733b35001492ad33247f5abb173
SHA512

e7f8ae918e7bb027fb269e1b0dd22ec532d1de3c84d64abd771c5a110e0b7c30488ab9303953e054f72c5837af7cd6b635e14b5f91cd1f0a52304f28d717155d
SSDEEP

98304:ORSObst7OWQkAhLMZZgwwpEonHb3I37GbJx9XYGrzFsZf+KDX1AHciZF16AzghYX:Otgtb9AVvfTn7G6JH/Ou11o6

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58b61b01f847a6699c6fc76d5d422441

Files

58b61b01f847a6699c6fc76d5d422441
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 43KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 582B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 15B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ