84af3c55827678064f516eb2178927dfbb1f2629bb4af4b52755d93f77541bb3

Sharing

Copy URL Twitter E-mail

General

Target

84af3c55827678064f516eb2178927dfbb1f2629bb4af4b52755d93f77541bb3
Size

4.7MB
MD5

0a94175bf017ded066e75c94d7915022
SHA1

448256dd80a5334203baa7ad200c26d187fd5598
SHA256

84af3c55827678064f516eb2178927dfbb1f2629bb4af4b52755d93f77541bb3
SHA512

dfe44d7baaa3821297d0eae103af142029698683dd6ec903f7174ad7a4d8081da8a2f54e874f63492012df841a477420be25822d2690ea0184fdd628e0cbd9a0
SSDEEP

98304:znZj9txs79Z8J0GovzOqaFE02QsHIvxaHbwsmsK0n4kzSZJO919:zn9+7P8FZqZQswjsJnd4E19

Score

10^/10

themida

Malware Config

Signatures

Detects executables packed with Themida 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_Themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84af3c55827678064f516eb2178927dfbb1f2629bb4af4b52755d93f77541bb3

Files

84af3c55827678064f516eb2178927dfbb1f2629bb4af4b52755d93f77541bb3
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

PyInit_pyarmor_runtime

Sections

.text
Size: 499KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 499KB - Virtual size: 499KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 48KB - Virtual size: 47KB

.pdata Size: 9KB - Virtual size: 8KB

.xdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 25KB

.edata Size: 512B - Virtual size: 93B

.idata Size: 13KB - Virtual size: 12KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 672B

.edata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 7.2MB

.boot Size: 4.1MB - Virtual size: 4.1MB

.reloc Size: 16B - Virtual size: 4KB

.text
Size: 499KB - Virtual size: 499KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 48KB - Virtual size: 47KB

.pdata
Size: 9KB - Virtual size: 8KB

.xdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 25KB

.edata
Size: 512B - Virtual size: 93B

.idata
Size: 13KB - Virtual size: 12KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 672B

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 7.2MB

.boot
Size: 4.1MB - Virtual size: 4.1MB

.reloc
Size: 16B - Virtual size: 4KB