665dbdc9cdd1d1c0f5647b95e1530758 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

665dbdc9cdd1d1c0f5647b95e1530758
Size

937KB
MD5

665dbdc9cdd1d1c0f5647b95e1530758
SHA1

7da709aca68109c91633a2d3cffb53047cff4ea8
SHA256

8dd79f23d67e7293a60c556516445eb6aff9a9955c50a7bdc9c11117e2878d56
SHA512

ddfd262ebb3c5b8f1d3a7d68796aae722503754b061761ef656b949dec53646aa011f73ec147deff3477a08aa90699775b5c203d1a5ac94c91dc6a2fe70fa412
SSDEEP

24576:dnz/440RC0YvNnN6JV7Ikx4VUu4ROHB4CaqKoO4+I:d040RQNnNnkx4VUuH6CR4p

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
665dbdc9cdd1d1c0f5647b95e1530758

Files

665dbdc9cdd1d1c0f5647b95e1530758
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 248KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 628KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE