d6b7aa7d23b7260eea73ce7a02098632 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6b7aa7d23b7260eea73ce7a02098632
Size

4.0MB
MD5

d6b7aa7d23b7260eea73ce7a02098632
SHA1

fe73ca71f7b709d2905a675a90566baed0d4ea46
SHA256

c8e2173467eea197bc7cace0f25d4cd2ded8e65ebf4409d4034ea1e80ea0d686
SHA512

fcba8b3b8d9616c933874b318c922915e4f9cff5349ea6b9573f45e91631f45cb183569e191b1d97b97d5c6f7cebdec94e2da0454e89023c4df7a9f8e68f4db6
SSDEEP

98304:f38p4JfSKbza2K3YUu7hoBBjiKiy/ZCvwaFS:fsp6bpK3LT2KDIoaFS

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6b7aa7d23b7260eea73ce7a02098632

Files

d6b7aa7d23b7260eea73ce7a02098632
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 405KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 18.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Themida
Size: 386KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE