7d202146271dc49048d1924e55ce54fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d202146271dc49048d1924e55ce54fa
Size

519KB
MD5

7d202146271dc49048d1924e55ce54fa
SHA1

7cb35f44225973f27b0fb80fa1baa787a02ecaad
SHA256

faaea2013194544796ca84d1e6b6d5110fffea209a89d7a75af4327d2be78038
SHA512

7c563bfaf5500a361223fdd27e809dacf5efd6ae32f503242c43f89fcef736a1b95e60268952c65b818445e78b61a1dba022d72e98e736161703b737286cd5c9
SSDEEP

12288:32F2656zziFgJ+AXO/61ldoYY1y+ilxljnuos:G86IviFujXT1T+idVs

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d202146271dc49048d1924e55ce54fa

Files

7d202146271dc49048d1924e55ce54fa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 465KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE