be5b4a145a458bfc2cfc67ee785d673d | Triage

Sharing

General

Target

be5b4a145a458bfc2cfc67ee785d673d
Size

1.1MB
MD5

be5b4a145a458bfc2cfc67ee785d673d
SHA1

e161e9731437cdb37f64098c452bad11383b0c95
SHA256

a9d6b572572076fecf679392f2c77ec24ed4d4432c5c7e7b326e8a6936310ded
SHA512

38e6aa4030ff23f8518c7941272c390dec3dc58907175428502d6eb476f2ebeec4e000f7eb913d5f461a03d254929c35d5d7c11162538c6169458b68fdddd7d5
SSDEEP

24576:m/A1GEl8qhdaAl91inO59qHnx51z8TFSNVtJfP3o:2udzl9QO59E1z8w5fP

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be5b4a145a458bfc2cfc67ee785d673d

Files

be5b4a145a458bfc2cfc67ee785d673d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 272KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 769KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE