bbf6083a7b6d400d35e8930a701ff7da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf6083a7b6d400d35e8930a701ff7da
Size

713KB
MD5

bbf6083a7b6d400d35e8930a701ff7da
SHA1

c192f4f4036ab1db5c42fcef27594bf189b5d369
SHA256

27377c2c297b83b503704986231ecf33063bd3f6d05ed113717bf1f850449c3f
SHA512

9f766f255a6922c3c057e857ab70fca87fea2dbb25da361329174e07cfaa2853c2b4a9d1e13fb5518519b28af0f862d29c8d2a012072d2ac9cf248ee6ceea2fd
SSDEEP

12288:wLiyeHP1S922ApUCsQM3NdCEVewELnNXiY1SqGLhhD7KSNi7m2j4:wLCHNSBVCsdddCSVE7Nyk3+7XI34

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf6083a7b6d400d35e8930a701ff7da

Files

bbf6083a7b6d400d35e8930a701ff7da
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 301KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 388KB - Virtual size: 924KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE