bc82d953727578be4399821119bf966f | Triage

Sharing

General

Target

bc82d953727578be4399821119bf966f
Size

580KB
MD5

bc82d953727578be4399821119bf966f
SHA1

cf989ec5ea72e1394c889bae26943c4268a45518
SHA256

edb03a8fe47a1c7f7a984d0bd57bfbe51e992d4d2f30ee66eb7a6d85975f612b
SHA512

40d8c34f5b77c43e3e64055db275c33f1f26c26323cf674858cfda6a414d429511728c2717cdefc9393e8a85b77be2fec245936029c343b32c2f2a4f3e2942d6
SSDEEP

12288:gCPDue9Y9SatUffreXKMmRbrdC74R3Pxg+lz8le:FPaemtUbcgRbxC7gPuYz8

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc82d953727578be4399821119bf966f

Files

bc82d953727578be4399821119bf966f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 168KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 396KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE