9bf7a2cc4c8577a31e198e37196c45c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bf7a2cc4c8577a31e198e37196c45c3
Size

706KB
MD5

9bf7a2cc4c8577a31e198e37196c45c3
SHA1

f27ee3090f6400c429d45feaeffb50d550011ce7
SHA256

75e438b0f4422d4e22de730446dae17652ae0757eab1a92a00d41adbb2d8fbc6
SHA512

d50caabbb8a36fb7a3d2972e0d6d06b00c74ac0bc23ecbd95e8c173fba64d57a48979d23ffe2a9db528a5cf5f7774c957556e8dd9fc4f9a2b04d78b4d20917fb
SSDEEP

12288:PcVpr0l2ZgRjOkD3oKQ6+dXhA0aJuj00KjOpz6nAgdYe+TdaACRWyOGXRnx:UTrA2ZgpQt0M05jOpu/oTdaVRWqj

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bf7a2cc4c8577a31e198e37196c45c3

Files

9bf7a2cc4c8577a31e198e37196c45c3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 630KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE