661fe86105cc97e03f048c815956a241 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

661fe86105cc97e03f048c815956a241
Size

600KB
MD5

661fe86105cc97e03f048c815956a241
SHA1

4f5011b790c95b5086c7dc6c26778f69dc3b61e3
SHA256

25af3ec67df4e005c04ca57cf424a54fbc583ab40f02b2cb96dd8a478d519e6f
SHA512

4324f4e86d64189844a9b7b705a1b3e33b4e9e4aed78d50277bc47e8577c1410b193699fb21a2afc714a85cb6a0ef923b55b6a951cfa0665d39419c0daa71902
SSDEEP

12288:IBorZt7w/j5Fi/Z6OxNeePxsGWhHqjEoHuGlZmomTQWJpfr:vb7w/lFixPkePxOKjE/6SDr

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
661fe86105cc97e03f048c815956a241

Files

661fe86105cc97e03f048c815956a241
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 542KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE