1e830ea9be1c85c64a0c25b60839f1dfce1973eeac1179baca9acc587f18f916

Sharing

Copy URL Twitter E-mail

General

Target

1e830ea9be1c85c64a0c25b60839f1dfce1973eeac1179baca9acc587f18f916
Size

3.8MB
MD5

681c4e3d3f6da7c33543474da0814a61
SHA1

90d5811109f05ad50e874b4350a48bda1ac7b877
SHA256

1e830ea9be1c85c64a0c25b60839f1dfce1973eeac1179baca9acc587f18f916
SHA512

486f5061ea1c8a7cbd34bcbd748889041e2a3156eef3353f13212cc2edcae6236334d6c04c329861d5e25f56322b242f83ee7c4dbfa74d90d5178e5838085cd4
SSDEEP

98304:6xkSH+cUE1CH660pp+KTsQImGp+gD8Qok22GN6/+qLUA:6xxectu6zpphGpBMlNDfA

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e830ea9be1c85c64a0c25b60839f1dfce1973eeac1179baca9acc587f18f916

Files

1e830ea9be1c85c64a0c25b60839f1dfce1973eeac1179baca9acc587f18f916
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 50KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 50KB - Virtual size: 95KB

Size: 13KB - Virtual size: 36KB

Size: 512B - Virtual size: 5KB

Size: 3KB - Virtual size: 5KB

Size: 512B - Virtual size: 244B

Size: 1024B - Virtual size: 1KB

Size: 1024B - Virtual size: 792B

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 6.1MB

.boot Size: 3.7MB - Virtual size: 3.7MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 6.1MB

.boot
Size: 3.7MB - Virtual size: 3.7MB

.reloc
Size: 16B - Virtual size: 4KB