c8cb143b6ae1ae52dadf42b20cbcb3de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8cb143b6ae1ae52dadf42b20cbcb3de
Size

1.3MB
MD5

c8cb143b6ae1ae52dadf42b20cbcb3de
SHA1

6a72c2487cfd6917c49ff94f061465c3433a5b88
SHA256

934ebb631964520efa218fe62674dfd9a040afcd492bbbce4838ccf81dc1752c
SHA512

56bc88a48fa1e78585e82cf45889f07a948de68db566bb5419eaba28c6056acbbbe022fc4e0ef2300ce8c0f96320e0a133cbc14717cf93e1c3791b82c81565d0
SSDEEP

24576:euqyD6svEptQTwVlWEDe8PeUedyGZSoc6KRyifzadsWbA:zNv4WI7bkZ4giba6Wb

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8cb143b6ae1ae52dadf42b20cbcb3de

Files

c8cb143b6ae1ae52dadf42b20cbcb3de
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 24KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.2MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE