65a1bf9fa996c17e4ded1d7ec1e09217 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65a1bf9fa996c17e4ded1d7ec1e09217
Size

1.4MB
MD5

65a1bf9fa996c17e4ded1d7ec1e09217
SHA1

70d9a9b20bbf62f71662c4ffdf371f15ebad3c0e
SHA256

f008dc4e54a1ef8db3d8a55ae54658c399ab2ad847777f668ab422ce3ad5cf6d
SHA512

280867e30dc21a78b41ff95c19833c6f955baeb6ca75684d568cb5f1a245a91cd4d5a000242cdaf5fac8181f5d48ab27060a532e414993eaef97c9cf1eaff47d
SSDEEP

24576:cMmtUwUHQ1kJH3kyRmiBCPkiD//BKSttMaAtSDgt1Yrft:cMqUw183kyoSCPzD//VItYq4t

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65a1bf9fa996c17e4ded1d7ec1e09217

Files

65a1bf9fa996c17e4ded1d7ec1e09217
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE