7b73cd8482cbf88216bc3d3e44fddf3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b73cd8482cbf88216bc3d3e44fddf3c
Size

3.0MB
MD5

7b73cd8482cbf88216bc3d3e44fddf3c
SHA1

38b972091924f331f6bade2e1390a0633f630a9c
SHA256

0f8fac6cca92251d9e4748b631f75cd75a32b3d3bd86e61f07bf1b3429ab9444
SHA512

6b95a8a36193def7a77113ea6a4a2566add45dff97fbbe4af6727a96075af595469ef6b5d3d92a498925639b34a9279bedbd1abcc42369c3e5509fa7e3c04687
SSDEEP

49152:HT/wEGnwxguCS9tEUnRTS/KQ8QzZEWRmjGylHr8idZPl9s8yD23hvrKX1YyrEIj:HGAgiDEUnRAgQVEAo9lgiv7W2xvWfrEc

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b73cd8482cbf88216bc3d3e44fddf3c

Files

7b73cd8482cbf88216bc3d3e44fddf3c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 387KB - Virtual size: 968KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 638KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE