SecuriteInfo[.]com[.]Win64[.]Evo-gen[.]29905[.]7240

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win64.Evo-gen.29905.7240
Size

6.3MB
MD5

d5e30ae219dc0ba7933656f4c269bd47
SHA1

289c58ed045119e414e14c1273c7bfef78a249ad
SHA256

e08430023169bfb80d2ca67a213c587ad1fffb20ab1132a7fbe87bbaa2cd9745
SHA512

c4c1de6e69507d29e6d4867ff0c57d68f5e7a0cb7ba44740920e92234c3610aa310245318a183e39da1110b5c7443aa216a63c527145642b7126c3f20053c08f
SSDEEP

196608:HrqVWfleT726G3KXCbrr5Hb05qqbrDl3K2sY5Q:HxgT7200CqqvDl3VsoQ

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win64.Evo-gen.29905.7240

Files

SecuriteInfo.com.Win64.Evo-gen.29905.7240
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IHtC
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 264KB - Virtual size: 264KB

.data Size: 15KB - Virtual size: 20KB

.pdata Size: 51KB - Virtual size: 51KB

.00cfg Size: 512B - Virtual size: 56B

.IHtC Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 45B

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 4KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 8.0MB

.boot Size: 4.8MB - Virtual size: 4.8MB

.reloc Size: 16B - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 264KB - Virtual size: 264KB

.data
Size: 15KB - Virtual size: 20KB

.pdata
Size: 51KB - Virtual size: 51KB

.00cfg
Size: 512B - Virtual size: 56B

.IHtC
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 45B

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 4KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 8.0MB

.boot
Size: 4.8MB - Virtual size: 4.8MB

.reloc
Size: 16B - Virtual size: 4KB