75f6e53c73c32608bca4261753fcdf16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75f6e53c73c32608bca4261753fcdf16
Size

40KB
MD5

75f6e53c73c32608bca4261753fcdf16
SHA1

c7abe33eaaf9cf573a5d6aadde43602aee6c7bc1
SHA256

46a48a3522b8a03c8df102646d192153075b350e54a8c73959d82ddf008a8d18
SHA512

00a6121a52d596a9fdca7ebccec47877e67c4148411aec526be66f5df2e59da5fd8394e5a6d66dc7949cc95cda1ef86b3d5216df56ffbee86897c62fa5d34a5b
SSDEEP

768:fw0odfukga372cWKavZ77yOT7kGLcWpY9tBtQzgl+dRb+9:fQdWkRrMK/GLcWpY9tBtadRbS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75f6e53c73c32608bca4261753fcdf16

Files

75f6e53c73c32608bca4261753fcdf16
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.1MB - Virtual size: 28.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 672KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE