565e7c04d4c7c5b7a0acd3a7233d2ae0_NEAS

Sharing

Copy URL

Twitter E-mail

General

Target

565e7c04d4c7c5b7a0acd3a7233d2ae0_NEAS
Size

4.7MB
MD5

565e7c04d4c7c5b7a0acd3a7233d2ae0
SHA1

70cb4b033bb5cb266a40a8a259712718427c56e4
SHA256

59e51910077e449b4a256e00c15e279cdf2f80f472c5a7ae542e35c7b85740c7
SHA512

b5e72174e6b354711d5c684be977bc5413f29ea0defe3e2471e534a04868096177a66219dd6e64eef146d24d028984b518d3e716de171ea778e5f9040463ec4a
SSDEEP

98304:+sOPl3Iko/ioFW1enX5UaOnQtf5cjZhW6tZKVd1:+f1I76+WyJUa74TZK/1

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
565e7c04d4c7c5b7a0acd3a7233d2ae0_NEAS

Files

565e7c04d4c7c5b7a0acd3a7233d2ae0_NEAS
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 407KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 81KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 731KB - Virtual size: 821KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 27KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 111KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 407KB - Virtual size: 1.2MB

Size: 81KB - Virtual size: 241KB

Size: 731KB - Virtual size: 821KB

Size: 27KB - Virtual size: 55KB

Size: 111KB - Virtual size: 150KB

Size: 1KB - Virtual size: 1KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 151KB - Virtual size: 151KB

.themida Size: - Virtual size: 5.7MB

.boot Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 151KB - Virtual size: 151KB

.themida
Size: - Virtual size: 5.7MB

.boot
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 16B - Virtual size: 4KB