9c478e94497b537201b2d3aa2711a470 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c478e94497b537201b2d3aa2711a470
Size

936KB
MD5

9c478e94497b537201b2d3aa2711a470
SHA1

01f4a5adf77c97faea6650fc216fb4e42e6322ed
SHA256

c84ef4ab93316a4362b39ac3d5e9b6161dfb087b10eb2ed97a130f0ead85a947
SHA512

16f8aa805f31927ff46be41d2c00f02334d1b70d8ca52dc141db834c4cc1cfb201d7cdc47a10ee249c8aff124982e23a241a94e7f629e155b78fe32351b171b7
SSDEEP

24576:z9zHTdoNjyTSgVfVeMOcH7dHODmliyNXijcmhn:zxTdoN5gxUVcbp8y8

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c478e94497b537201b2d3aa2711a470

Files

9c478e94497b537201b2d3aa2711a470
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 313KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 607KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE