d65a015b2275aa6ac243ccaad1784460 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d65a015b2275aa6ac243ccaad1784460
Size

4.4MB
MD5

d65a015b2275aa6ac243ccaad1784460
SHA1

129a51e501d628765b22940202c4704779e4f86c
SHA256

351223e758287b1afd8d111335fbdbcb01040fbb3b518df3973be2aed35f7318
SHA512

efa8dceb1b0cab0da9af648be520e28339e15dd2b46c2968b64b144d5063591d97a853ddd61befee04ede7e920ccd21867ff7da6f7cb11c3a15841d1498e6660
SSDEEP

98304:7mC0YB1sBiMNLEfmOz6QurLCp3fBWh1fT2IjKS6+pqA:37AiMNLe1zLpp8172zS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d65a015b2275aa6ac243ccaad1784460

Files

d65a015b2275aa6ac243ccaad1784460
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 436KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 434KB - Virtual size: 968KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE