e8dae83f81c6d681d7339ffc970ca8ff48b982e0336c731ec9899628b8320684

Sharing

Copy URL

Twitter E-mail

General

Target

e8dae83f81c6d681d7339ffc970ca8ff48b982e0336c731ec9899628b8320684
Size

12.6MB
MD5

17e02f40b78faa0863ec19ef7d0acc90
SHA1

57b2594b62b7becb954b30b576948ca00f9f4bbc
SHA256

e8dae83f81c6d681d7339ffc970ca8ff48b982e0336c731ec9899628b8320684
SHA512

3e09d23b2ab11f866907f05ad6f58be8c374598a695c9e49548c1a1867e6c905b217c28b9890806ac744df0ac0f1756672aec6fdeb52b3227a9f2fc1cdc1b94b
SSDEEP

393216:YaUoOwsbmCryQDyVoNmgr3SD4sDiUs+ZCy+W:soOwsbmCP3e4sDiU6JW

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8dae83f81c6d681d7339ffc970ca8ff48b982e0336c731ec9899628b8320684

Files

e8dae83f81c6d681d7339ffc970ca8ff48b982e0336c731ec9899628b8320684
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 2.0MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 451KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 22KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 126KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1.3MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 20KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 2.0MB - Virtual size: 4.2MB

Size: 451KB - Virtual size: 1.9MB

Size: 22KB - Virtual size: 167KB

Size: 126KB - Virtual size: 216KB

Size: 1.3MB - Virtual size: 2.5MB

Size: 20KB - Virtual size: 130KB

.idata Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 366KB - Virtual size: 366KB

.themida Size: - Virtual size: 12.1MB

.boot Size: 8.2MB - Virtual size: 8.2MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 366KB - Virtual size: 366KB

.themida
Size: - Virtual size: 12.1MB

.boot
Size: 8.2MB - Virtual size: 8.2MB

.reloc
Size: 16B - Virtual size: 4KB