2214d2416bfe82868a47f7244a97d58361949d172ef89307a83cdd319316bc0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2214d2416bfe82868a47f7244a97d58361949d172ef89307a83cdd319316bc0b
Size

5.3MB
MD5

b55b0132c353e2e9e1fe5c9e4f79e40c
SHA1

1101d940fe192bb03dceced89e2103b480a306c6
SHA256

2214d2416bfe82868a47f7244a97d58361949d172ef89307a83cdd319316bc0b
SHA512

b4659b701e582759a8e426a05dbf50ca4cde81d58c4861cd20cdd2f30f3ff4e97df96b4f1da74d955577a8d3c926c3bdf467b0c0594f18673dccc35535b66ad1
SSDEEP

98304:Ks/cC2hE5gdPLwHU/8yRwhSPh4Akxnh9hOM2F4HYNYhB7g0JUg4VRuBpYC8:K33hE52+edRwhSiASnhPOM588cRuB

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2214d2416bfe82868a47f7244a97d58361949d172ef89307a83cdd319316bc0b

Files

2214d2416bfe82868a47f7244a97d58361949d172ef89307a83cdd319316bc0b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 788KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 132KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 56KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.3MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ