AyuGram Desktop[.]zip

General

Target

AyuGram Desktop.zip
Size

15.2MB
MD5

600c0433acef08d838bbc420cd03970b
SHA1

d6b1aa40e0d2e0adca13293ad2c9511769fcda6e
SHA256

042501e847c12e37c43d7771ebd73d4e8ba9b9880e94acc83ffc062ae24e378d
SHA512

dd14925707fbf9fc4d2ee33bb88c7e1d49a71d7b73eb2d98d700a555700c71769115eaa98b7a6790fe6d3604d2d4642b949ed25ccb0ea89414ee4d43db8f8475
SSDEEP

393216:l7poO+iG79vOEiV98jOP85IhM7291WoVsSCTTqk33mP:bFG74Es91595VsSu2k33mP

Score

7^/10

themida

Malware Config

Signatures

Themida packer 2 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/CCBoot (2).exe	themida
static1/unpack001/CCBoot.exe	themida

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CCBoot (2).exe
unpack001/CCBoot.exe

Files

AyuGram Desktop.zip
.zip
CCBoot (2).exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 737KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 167KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 6KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 63KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3.8MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
CCBoot.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 712KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 161KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 6KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 60KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2.5MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 737KB - Virtual size: 2.1MB

Size: 167KB - Virtual size: 666KB

Size: 6KB - Virtual size: 2.1MB

Size: 63KB - Virtual size: 116KB

Size: 3.8MB - Virtual size: 6.0MB

.imports Size: 2KB - Virtual size: 4KB

.rsrc Size: 52KB - Virtual size: 52KB

.themida Size: - Virtual size: 6.2MB

.boot Size: 3.7MB - Virtual size: 3.7MB

Headers

DLL Characteristics

File Characteristics

Sections

Size: 712KB - Virtual size: 2.0MB

Size: 161KB - Virtual size: 645KB

Size: 6KB - Virtual size: 2.1MB

Size: 60KB - Virtual size: 112KB

Size: 2.5MB - Virtual size: 4.3MB

.imports Size: 2KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 16KB

.themida Size: - Virtual size: 6.2MB

.boot Size: 3.6MB - Virtual size: 3.6MB

.imports
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 52KB - Virtual size: 52KB

.themida
Size: - Virtual size: 6.2MB

.boot
Size: 3.7MB - Virtual size: 3.7MB

.imports
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 16KB

.themida
Size: - Virtual size: 6.2MB

.boot
Size: 3.6MB - Virtual size: 3.6MB