99d3ae697a4d6b0f3d46d2aab6990a3b

General

Target

99d3ae697a4d6b0f3d46d2aab6990a3b
Size

3.5MB
MD5

99d3ae697a4d6b0f3d46d2aab6990a3b
SHA1

877fa8c8cbc1001c3d8516c6c6e06387564d3214
SHA256

dda5f28f781b763879b07d3136d71c67dcbf5228a943463874f5816bc4e95d59
SHA512

bb80f81aaf0af9329164895560676141d690cc946a090dbb7acd167851b72ccb9f78ad5c8c94f93a01431e6d4e5549eb562642959caf7505351ce9e6b6260502
SSDEEP

49152:9nZnRErrFKLc4K2cVo7xq913omRT3z7+NGPGt6qUG109fduj782:FArgc4K2molqomF3f+Sg6qH109fduP8

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99d3ae697a4d6b0f3d46d2aab6990a3b

Files

99d3ae697a4d6b0f3d46d2aab6990a3b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

k.P.G
Size: 759KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 702KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 714KB - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 728KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 696KB - Virtual size: 696KB

.rsrc Size: 512B - Virtual size: 120B

.idata Size: 512B - Virtual size: 4KB

k.P.G Size: 759KB - Virtual size: 764KB

.idata Size: 512B - Virtual size: 4KB

Themida Size: 702KB - Virtual size: 708KB

.idata Size: 512B - Virtual size: 4KB

Themida Size: 714KB - Virtual size: 720KB

.idata Size: 512B - Virtual size: 4KB

Themida Size: 728KB - Virtual size: 736KB

.rsrc
Size: 512B - Virtual size: 120B

.idata
Size: 512B - Virtual size: 4KB

k.P.G
Size: 759KB - Virtual size: 764KB

.idata
Size: 512B - Virtual size: 4KB

Themida
Size: 702KB - Virtual size: 708KB

.idata
Size: 512B - Virtual size: 4KB

Themida
Size: 714KB - Virtual size: 720KB

.idata
Size: 512B - Virtual size: 4KB

Themida
Size: 728KB - Virtual size: 736KB