ZeroDayNOVA[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ZeroDayNOVA.exe
Size

11.0MB
MD5

3f71eae57b62e4245b438d9f62191489
SHA1

717dcb0dbe3be72568d56ad40b6026878c8fad3b
SHA256

ef616c29b72f8bf670e26ea119940c3c0053e5a964157d15beab4b019e2cc06d
SHA512

5abc3ee6bd89d9fc6382a4edc8635a0f24f751a93561a9bbcfc5435f484fada384c6311bd2e6fe0ec038f7723702f3ecbdfe25aaf8363e58bdb7cb7f0bd9ca9e
SSDEEP

196608:5J0MgkG5oJ0AE5lDgKpoAcuvBlPBe5xeBAdedBC7C78qVq9uQT1jX:Qd5oe5lsKpuuvBl54kTl9VQT1jX

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ZeroDayNOVA.exe

Files

ZeroDayNOVA.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 322KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 49KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 33KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 22KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 629B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 108KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 17.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 322KB - Virtual size: 725KB

Size: 49KB - Virtual size: 146KB

Size: 33KB - Virtual size: 120KB

Size: 22KB - Virtual size: 41KB

Size: 629B - Virtual size: 1KB

Size: 108KB - Virtual size: 198KB

Size: 1KB - Virtual size: 1KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 199KB - Virtual size: 199KB

.themida Size: - Virtual size: 17.6MB

.boot Size: 10.3MB - Virtual size: 10.3MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 199KB - Virtual size: 199KB

.themida
Size: - Virtual size: 17.6MB

.boot
Size: 10.3MB - Virtual size: 10.3MB

.reloc
Size: 16B - Virtual size: 4KB