67da79ef7af4c41f19bb79df66dc0125 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67da79ef7af4c41f19bb79df66dc0125
Size

555KB
MD5

67da79ef7af4c41f19bb79df66dc0125
SHA1

16b19f3da2ff5e3347ad542ad7ded35397c2726c
SHA256

157a03bc6805d62778cbb30abfba43d537c5d156bac49518c6867e13830a8abd
SHA512

499a9d9c8ca1db64c6d5efdab1b766da40634bd9720874f15098393c3d8acbeede26fd65e86000118490668c7ffa69d3491b0422309dd52fe6a9efd8a9e952b6
SSDEEP

12288:uwnomNQs55H77lErnv4WK6rFKDTQu/b/H6SDVL:uw/PGnw74mTaSVL

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67da79ef7af4c41f19bb79df66dc0125

Files

67da79ef7af4c41f19bb79df66dc0125
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 159KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 382KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE