c9bf2365f65fc39791be7d25bb7882d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9bf2365f65fc39791be7d25bb7882d7
Size

1.2MB
MD5

c9bf2365f65fc39791be7d25bb7882d7
SHA1

f2a262a4a16dbd6e68a5629f181abe41684c27c4
SHA256

8fc61aee0fcbe57c18937a2dfc747e6fac17c55e773e47f45429186e1af90001
SHA512

7dbd1f4f8d9c67fd009be119e04a2837a70f6aa12bb9a64d6a0044c4a666a73f183242c35400c3f5e31d583a344ef2d8eee85237b6ff327f4b5edaa57faf76f9
SSDEEP

24576:Eo/GC8qcmpn+qS/pgfRRsvROrCpuTo/JBEIwF+PWZ:EoeKZE7y7uaWBt

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9bf2365f65fc39791be7d25bb7882d7

Files

c9bf2365f65fc39791be7d25bb7882d7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 17KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.2MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE