9a9f05d457296a4c57ac175a013d1906 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a9f05d457296a4c57ac175a013d1906
Size

639KB
MD5

9a9f05d457296a4c57ac175a013d1906
SHA1

77e264ba49d71db927b58c219b22fd6689d1ec9b
SHA256

31b2bab4a78972c4a82e0cb7786ef8f8dd0d58e3ba4a3f9a0e8044d4dc1262a6
SHA512

d3a677c4c8f064ab9d774cd847e3ca1e10954643d842b7f0e7e22e8c869f03769c4c1c3ffcd7d659c88458ff0a088200df1fb3f89e7ba5116957a5a904f32457
SSDEEP

12288:pGn3WKIxQtXjTNyG9KXQXhAQbMEb57CCtzsMQaNnq0K/i:pG3WRUjTN2X+hAlE8CuMLqI

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a9f05d457296a4c57ac175a013d1906

Files

9a9f05d457296a4c57ac175a013d1906
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 620KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE