SecuriteInfo[.]com[.]Win64[.]TrojanX-gen[.]13291[.]9542[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win64.TrojanX-gen.13291.9542.exe
Size

4.9MB
MD5

1603f7cc764f476b3f6a9fd73a9fedc0
SHA1

9d61e8aaf5cae7af1f055eb89c0be92ee7cdee90
SHA256

3bc2e6066c795cf46fef7442e443e4a17eeb16fa61bb5cdcd49ae808a9de51d8
SHA512

642c318af6d2c21f24010542d7e40a89e5cfbd0e6fc5af046feddf9531f49134e40850954e40b2e945d4dbd8e5d009c1bf578d75b76457aa612a0c62e52afbd0
SSDEEP

98304:onqcVvKgY+2uAAqVpsAeNhEItyV4WAUrj7IrBfzCHbFU7btSVHv625zOX:onqc5Y+2uAA4psX2mJWz0NC7FU0vnOX

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win64.TrojanX-gen.13291.9542.exe

Files

SecuriteInfo.com.Win64.TrojanX-gen.13291.9542.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 335KB - Virtual size: 849KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 83KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 178KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 22KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 275B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 335KB - Virtual size: 849KB

Size: 83KB - Virtual size: 219KB

Size: 178KB - Virtual size: 271KB

Size: 22KB - Virtual size: 40KB

Size: 275B - Virtual size: 488B

Size: 2KB - Virtual size: 6KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 7.2MB

.boot Size: 4.3MB - Virtual size: 4.3MB

.reloc Size: 512B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 8KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 7.2MB

.boot
Size: 4.3MB - Virtual size: 4.3MB

.reloc
Size: 512B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 8KB