66cc254429bc262cd62c7bd373fe9563 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66cc254429bc262cd62c7bd373fe9563
Size

414KB
MD5

66cc254429bc262cd62c7bd373fe9563
SHA1

6ecd9bf2a86fab29e1c0d2931448e6ddf73dfb4f
SHA256

14ad3b5a738f6755111e2ed403609ef18054b9df089378ef56f7387a1b89bd34
SHA512

90b5c61e9fe89c044445115312f192840d5d7d272064c693fd7bccac104218e270d7233783067014ad1a20953d73d76498d4511c8d79608b08a89719d8bb541e
SSDEEP

12288:Q6SPORyS4rjVJ7fTZK9i7b8mHIdSmQUBgf/VH:PRRyjBW9U81dDQN

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66cc254429bc262cd62c7bd373fe9563

Files

66cc254429bc262cd62c7bd373fe9563
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 17KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 391KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE