5c09dc39e5bbfe1245f77b88092ec45c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c09dc39e5bbfe1245f77b88092ec45c
Size

1.0MB
MD5

5c09dc39e5bbfe1245f77b88092ec45c
SHA1

d36cc2b351ddb5c0e7f8c1e756e10c698fdc08ba
SHA256

7c27cdbe0bc05e28218b182550ffeb418f207e42e0d6083c7f9ca43df1b890f8
SHA512

56ef1b29bf2bb48d4aa86287ec04e95f964ad85c4d631e396b8d8c452130ab3952b2ac0ea007c1ef8e830b31e67dab283a68fb75e324baa1405a1e18ededed53
SSDEEP

24576:y7yzMXw65LvJvHdAVRpp33Mhr1k31lbuoV6Lzt5y7YrmO5:y7WoF5LvdGn4ubzV6Lzt6a

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c09dc39e5bbfe1245f77b88092ec45c

Files

5c09dc39e5bbfe1245f77b88092ec45c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 734KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE