cad7ebef6d410870572193253e06f4ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cad7ebef6d410870572193253e06f4ee
Size

1.2MB
MD5

cad7ebef6d410870572193253e06f4ee
SHA1

f3ca2ec3868660a6a69d2ab2cc1c23fe86bed968
SHA256

547bf063c0e283531f1d1247c74ea57077d22725adcfbc4939b69c088cddb14a
SHA512

ebdecd9be66d729932e0e4f470133a8e941eb77c470f090ed70d1f0bf0a8e9d1fc4ec6b4d563fdef1ebbde0f0f74538292c9902c408e770fa25eece0d0bcc464
SSDEEP

24576:HU3iFrukgXaoQT0Oq+RS7HAsE1cFvW8mlmf2G7AbF:HqUKkgBQ1s7gpG7AJ

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cad7ebef6d410870572193253e06f4ee

Files

cad7ebef6d410870572193253e06f4ee
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 1.2MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE