9f155ed96c1e340ad8a4351d4c64ef80ba53cc3177fca950abe2496cab664679

Resubmissions

03-09-2024 14:55

240903-sar47s1dnc 9

Sharing

Copy URL

Twitter E-mail

General

Target

9f155ed96c1e340ad8a4351d4c64ef80ba53cc3177fca950abe2496cab664679
Size

2.9MB
MD5

d800074bc6f66162ba3b377b17ccaca3
SHA1

2ca3d62ff2c66035d2bd08fd47caee735abdea9a
SHA256

9f155ed96c1e340ad8a4351d4c64ef80ba53cc3177fca950abe2496cab664679
SHA512

c3899ab731370468bdd9a6b11d7219eb65a932adec2358c5217a6db7f0236d059b36bad5397e43da8eab3ed821525f90b5721f5ebc4a62fd5d72d7e68ae0e46c
SSDEEP

49152:vrKgP5pyOnepuIuwAc8/Ep//lh9uTE1f4M7xyOpjnZYtxIvJlRJkPN:m6PyO49YEp3lhwi4xEnZYtiJP2l

Score

10^/10

themida

Malware Config

Signatures

Detects executables packed with Themida 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_Themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f155ed96c1e340ad8a4351d4c64ef80ba53cc3177fca950abe2496cab664679

Files

9f155ed96c1e340ad8a4351d4c64ef80ba53cc3177fca950abe2496cab664679
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 286KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 154KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 723B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 470B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 286KB - Virtual size: 587KB

Size: 154KB - Virtual size: 306KB

Size: 723B - Virtual size: 224KB

Size: 13KB - Virtual size: 22KB

Size: 4KB - Virtual size: 4KB

Size: 470B - Virtual size: 552B

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.themida Size: - Virtual size: 4.1MB

.boot Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.themida
Size: - Virtual size: 4.1MB

.boot
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 16B - Virtual size: 4KB