e07c25671c9065cfc50a400e8e15484a68ea5d6eb8bd1a425905eb169335541e | Triage

Sharing

General

Target

e07c25671c9065cfc50a400e8e15484a68ea5d6eb8bd1a425905eb169335541e
Size

7.9MB
MD5

d7a19ffd7d42f41fd62b63981a15c70d
SHA1

6ee57ab457948c4e2b7252a9821c5b95722c60ff
SHA256

e07c25671c9065cfc50a400e8e15484a68ea5d6eb8bd1a425905eb169335541e
SHA512

b2c307462e3b7a819b1d057692aa01b1e5a7fcc7ee3c29098245f62e58b536d86523413668a5f2baec4f820ab931e24ae41fb542dd8d51d5463e458548b08bad
SSDEEP

98304:TlL+QSOkl/2f4aooOWMBdxXeHG3i98etAT8Qjcx8utHjDs:ZL+QSO3rOZdxej98etAT8Qwx8utHjDs

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e07c25671c9065cfc50a400e8e15484a68ea5d6eb8bd1a425905eb169335541e

Files

e07c25671c9065cfc50a400e8e15484a68ea5d6eb8bd1a425905eb169335541e
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 709KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE