becc4f101a409adbbda8a380425200f0 | Triage

Sharing

General

Target

becc4f101a409adbbda8a380425200f0
Size

766KB
MD5

becc4f101a409adbbda8a380425200f0
SHA1

34b7e671cd56527ca3cf22336356528a97c67ca9
SHA256

4439fff53d4812b1733f38a4cf7693d3a50d706720df9e0f6cc389214df7e090
SHA512

7c44c457bc11df53f92d630fa91184d0556f31d9a994f5de9af38f1abd9e3ef9c729a9cde552ea615ff71117629e030164ee44c46dec2267c41d7a67c11a3488
SSDEEP

12288:+pr0l24RzBr0HYKMWVLTPWxmHVDvXl1PmoDQH7mwK2UFO0ZqR:+rA24N9DKvV/PWc1/JDjrO0Zu

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
becc4f101a409adbbda8a380425200f0

Files

becc4f101a409adbbda8a380425200f0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 651KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE