f644fee7ae446779b0f5d9424ee57f923a687d698fcbd0d2e8184e70b28eb0de

Sharing

Copy URL Twitter E-mail

General

Target

f644fee7ae446779b0f5d9424ee57f923a687d698fcbd0d2e8184e70b28eb0de
Size

2.3MB
MD5

3519722aa38b380938abe566e57ebeea
SHA1

7f01f873e7898e14b786d685d005371499aea356
SHA256

f644fee7ae446779b0f5d9424ee57f923a687d698fcbd0d2e8184e70b28eb0de
SHA512

3b84941e48b1d12144272bf03bb3167b2b18d7bceb3df63d737a6dfacb52e56be6a32aa079edbea050a9cd37dc79dae675b15665988a2ffa61ba4bd01df959ec
SSDEEP

49152:JypVPcQWWdaNZQ4x1LqTv1zW09t+0ZQ9wR8n37ieOL:gvPcQp6VPqv1z3WQyrieO

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f644fee7ae446779b0f5d9424ee57f923a687d698fcbd0d2e8184e70b28eb0de

Files

f644fee7ae446779b0f5d9424ee57f923a687d698fcbd0d2e8184e70b28eb0de
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0BaseAddresses_t@@QAE@KKKKKKKKKKKKKKKKKKKKK_NKKKK@Z
??0CMTKRomLoader@@QAE@ABV0@@Z
??0CMTKRomLoader@@QAE@XZ
??0CNewMTKRomLoader@@QAE@ABV0@@Z
??0CNewMTKRomLoader@@QAE@XZ
??0DeviceProfiles_t@@QAE@$$QAU0@@Z
??0DeviceProfiles_t@@QAE@ABU0@@Z
??0DeviceProfiles_t@@QAE@PBDKKKKGPBKKKKKKKKKKKKKKKEEPBUBaseAddresses_t@@@Z
??0PhoneInfo_t@@QAE@XZ
??1CMTKRomLoader@@UAE@XZ
??1CNewMTKRomLoader@@UAE@XZ
??1DeviceProfiles_t@@QAE@XZ
??4BaseAddresses_t@@QAEAAU0@$$QAU0@@Z
??4BaseAddresses_t@@QAEAAU0@ABU0@@Z
??4CMTKRomLoader@@QAEAAV0@ABV0@@Z
??4CNewMTKRomLoader@@QAEAAV0@ABV0@@Z
??4DeviceProfiles_t@@QAEAAU0@$$QAU0@@Z
??4DeviceProfiles_t@@QAEAAU0@ABU0@@Z
??4PhoneInfo_t@@QAEAAU0@$$QAU0@@Z
??4PhoneInfo_t@@QAEAAU0@ABU0@@Z
??_7CMTKRomLoader@@6B@
??_7CNewMTKRomLoader@@6B@
??_FBaseAddresses_t@@QAEXXZ
?BTLInitSequenceForCommNokia@CNewMTKRomLoader@@QAEXXZ
?CheckAndSetInfoByFamily@CMTKRomLoader@@QAE_NG@Z
?Connect6223@CMTKRomLoader@@IAEXXZ
?Connect6225@CMTKRomLoader@@IAEXXZ
?Connect6226@CMTKRomLoader@@IAEXXZ
?Connect6228@CMTKRomLoader@@IAEXXZ
?Connect6235@CMTKRomLoader@@IAEXXZ
?Connect6236@CMTKRomLoader@@IAEXXZ
?Connect6238@CMTKRomLoader@@IAEXXZ
?Connect6252@CMTKRomLoader@@IAEXXZ
?Connect6253@CMTKRomLoader@@IAEXXZ
?Connect6516@CMTKRomLoader@@IAEXXZ
?Connect@CNewMTKRomLoader@@QAE_NXZ
?CreateMTKFrame@CMTKRomLoader@@IAEHPAEKKHPBE@Z
?DisablePowerOff@CMTKRomLoader@@QAEXXZ
?DisablePowerOff@CNewMTKRomLoader@@UAEXXZ
?DisableProfileSupport@CNewMTKRomLoader@@QAEXPBD@Z
?DisableWdt@CMTKRomLoader@@UAEXK@Z
?DumpPart@CNewMTKRomLoader@@QAE?AW4ErrorCode@@PAEKKH@Z
?EMI_CONI_ofst@CMTKRomLoader@@2QBEB
?GetCPUSpeed@CMTKRomLoader@@QAEXXZ
?GetCurrentDeviceProfile@CNewMTKRomLoader@@QAEPBUDeviceProfiles_t@@XZ
?GetHWCodes_CmdFD@CNewMTKRomLoader@@AAEXAAG0@Z
?GetHWSWVers_CmdFC@CNewMTKRomLoader@@AAEXAAK0@Z
?GetMemAtAddress@CMTKRomLoader@@QAE_NPAEHKH@Z
?GetNokiaMTKOpCode@CNewMTKRomLoader@@AAEEH_NAAK@Z
?GetPhoneInfo@CMTKRomLoader@@QAEXAAUPhoneInfo_t@@@Z
?GetProtectionType_CmdFF@CNewMTKRomLoader@@AAEXAAE@Z
?Jump2Address@CNewMTKRomLoader@@QAEXKKKK@Z
?JumpToAddress@CMTKRomLoader@@QAEXKKK@Z
?LockRTC@CMTKRomLoader@@IAEX_N@Z
?LockRTC@CNewMTKRomLoader@@EAEX_N@Z
?MatchDeviceProfile@CNewMTKRomLoader@@AAEPBUBaseAddresses_t@@GGGKKE@Z
?PreConnect@CMTKRomLoader@@IAEXXZ
?RunBuiltInBTL@CMTKRomLoader@@QAE_NXZ
?RunGenericBTL@CMTKRomLoader@@QAE_NXZ
?SendReceive@CMTKRomLoader@@QAEHPAEHPBEHI@Z
?SendReceiveMTKFrame@CMTKRomLoader@@MAEHPAEKKHPBE@Z
?SendReceiveMTKFrame@CNewMTKRomLoader@@EAEHPAEKKHPBE@Z
?SetBaseAddresses@CMTKRomLoader@@QAEPBUBaseAddresses_t@@XZ
?SetBaudrate@CMTKRomLoader@@QAE_NH@Z
?SetDeviceAddress@CNewMTKRomLoader@@QAEPBUBaseAddresses_t@@XZ
?SetEMI_1@CMTKRomLoader@@QAEXXZ
?SetEMI_2@CMTKRomLoader@@QAEXXZ
?SetLink@CMTKRomLoader@@QAEXPAUIBaseLink@@@Z
?SetMemAtAddress@CMTKRomLoader@@QAE_NPAEHKPBEH@Z
?SetPhone@CMTKRomLoader@@QAEXW4ePhoneType@1@@Z
?SetPhoneInfo@CMTKRomLoader@@QAE_NXZ
?SetTimeOut@CMTKRomLoader@@IAEXXZ
?SetTimeOutValue@CMTKRomLoader@@QAEXK@Z
?TimeOut@CMTKRomLoader@@IAE_NXZ
?base_Address_4@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_5@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_6235@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_6@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_80001@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_8000@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_8001@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_625A@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6260@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6261@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6571@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6572@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6573@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6580@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6582@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6583@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6592@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6595@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_65xx@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6735@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6752@CMTKRomLoader@@2UBaseAddresses_t@@B
?base_Address_MT_6795@CMTKRomLoader@@2UBaseAddresses_t@@B
?mtk625AProfile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6260Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6571Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6572Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6580Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6582Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6592Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6595Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6735AltProfile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6735Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6752Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6753Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?mtk6795Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?nokia105Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B
?nokia108Profile@CNewMTKRomLoader@@2UDeviceProfiles_t@@B

Sections

Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 12KB - Virtual size: 26KB

Size: 3KB - Virtual size: 12KB

Size: 1024B - Virtual size: 4KB

Size: 1024B - Virtual size: 1KB

Size: 2KB - Virtual size: 2KB

.edata Size: 6KB - Virtual size: 6KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 3.7MB

.boot Size: 2.3MB - Virtual size: 2.3MB

.edata
Size: 6KB - Virtual size: 6KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 3.7MB

.boot
Size: 2.3MB - Virtual size: 2.3MB