7efd94a3f0dd3378401730c98932d4dc | Triage

Sharing

General

Target

7efd94a3f0dd3378401730c98932d4dc
Size

2.1MB
MD5

7efd94a3f0dd3378401730c98932d4dc
SHA1

a2ad191e99604f299071c29873f657c81b1be363
SHA256

b6b7e33d5a1b82be701783e36e5bc9c51ea027ad608b31e0c85f223734968835
SHA512

e885513f8a14b862efa9a2121f55cf705b2140878e171cf9368bb4afe8c54374783062c3b03db8e19857b12b71640568494dda19b6851061bbea428c9b1b0b3c
SSDEEP

49152:HlzqTcetq7WKDVDfdBdjwM8LEn1I1L+iFmmciBBLKeS4A9ewM:HNqT/tq7VDfdBda61iVmmPBusw

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7efd94a3f0dd3378401730c98932d4dc

Files

7efd94a3f0dd3378401730c98932d4dc
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

love
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

safe
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE