c204609320f7a580cdd2ce2966951a4d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c204609320f7a580cdd2ce2966951a4d
Size

1.2MB
MD5

c204609320f7a580cdd2ce2966951a4d
SHA1

b5a8da31751d04797678ec43909c18ff4d6bea32
SHA256

19dc8b0d73c082de84db4e5efb4c62c211eab7a9fd074f529253feb38676ddc3
SHA512

119f5b02a953feefba420a846d2694015134f612e749949217e3d4226282f1b3c5dd298ce220a3f0d15bfd45b76a9348011dec52d3c52213c041e0eaa48440a4
SSDEEP

24576:9EI3SbpW7kn2e3RMlpWrMYwxrWH/8DLBfJkzq:9X3SBHWgwYwhW0D9S

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c204609320f7a580cdd2ce2966951a4d

Files

c204609320f7a580cdd2ce2966951a4d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 58KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.1MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE