b61dfca42453fe6094115457f93757c1 | Triage

Sharing

General

Target

b61dfca42453fe6094115457f93757c1
Size

872KB
MD5

b61dfca42453fe6094115457f93757c1
SHA1

f0e502a72634e5b2ba62280553828c0a68a545f9
SHA256

dd4de27975c3b41eb8caae9d7733e4cac6baef525eee43a07448297d61585455
SHA512

36e820caf3bc6a679886e9e9ac0b5164c23ae7fe15f206a585b46cc1c0c338765c87473398d9c6d051cab35a4ac7606f8c4b79f806278b53f2a9b6364ca65faf
SSDEEP

24576:Ju0ZHPeOere9FHf1uMFK1A4z0n4iAHdk:ZeOere9l1uT14ngHW

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b61dfca42453fe6094115457f93757c1

Files

b61dfca42453fe6094115457f93757c1
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tiro
Size: 200KB - Virtual size: 200KB

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 632KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE