c6013ac47ebe8e2c7b89a6a7fb4afefd5af6924aa6a57bf01a744b5f1cb862ec

Sharing

Copy URL

Twitter E-mail

General

Target

c6013ac47ebe8e2c7b89a6a7fb4afefd5af6924aa6a57bf01a744b5f1cb862ec
Size

3.6MB
MD5

7be188b7782ba424266af48e2ffbb730
SHA1

17c7a2c3cfd4f13d05a8ef422c5aa46adf44b324
SHA256

c6013ac47ebe8e2c7b89a6a7fb4afefd5af6924aa6a57bf01a744b5f1cb862ec
SHA512

47a194760ceaa5d2e92142782d44a597bf54036b743cd0682a6e1e672dee7ad02cded0bad6db95ff293acdcebc677433a6b905e665efbf8e2258e2b0a551859f
SSDEEP

98304:/JSQDqfB9fkTg67u5qQ/DTYQEP3+rqlWtPmTsvsPbCd:/JSQefB98NPPtMP+ksPbCd

Score

10^/10

themida

Malware Config

Signatures

Detects executables packed with Themida 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_Themida

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6013ac47ebe8e2c7b89a6a7fb4afefd5af6924aa6a57bf01a744b5f1cb862ec

Files

c6013ac47ebe8e2c7b89a6a7fb4afefd5af6924aa6a57bf01a744b5f1cb862ec
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

Java_com_sun_javafx_font_PrismFontFactory_getEUDCFontFile
Java_com_sun_javafx_font_PrismFontFactory_getFontPath
Java_com_sun_javafx_font_PrismFontFactory_getLCDContrastWin32
Java_com_sun_javafx_font_PrismFontFactory_getSystemFontNative
Java_com_sun_javafx_font_PrismFontFactory_getSystemFontSizeNative
Java_com_sun_javafx_font_PrismFontFactory_getSystemLCID
Java_com_sun_javafx_font_PrismFontFactory_populateFontFileNameMap
Java_com_sun_javafx_font_PrismFontFactory_regReadFontLink
Java_com_sun_javafx_font_directwrite_OS_AddRef
Java_com_sun_javafx_font_directwrite_OS_Analyze
Java_com_sun_javafx_font_directwrite_OS_AnalyzeScript
Java_com_sun_javafx_font_directwrite_OS_BeginDraw
Java_com_sun_javafx_font_directwrite_OS_Clear
Java_com_sun_javafx_font_directwrite_OS_CreateAlphaTexture
Java_com_sun_javafx_font_directwrite_OS_CreateBitmap
Java_com_sun_javafx_font_directwrite_OS_CreateFontFace__J
Java_com_sun_javafx_font_directwrite_OS_CreateFontFace__JIJII
Java_com_sun_javafx_font_directwrite_OS_CreateFontFileReference
Java_com_sun_javafx_font_directwrite_OS_CreateGlyphRunAnalysis
Java_com_sun_javafx_font_directwrite_OS_CreateSolidColorBrush
Java_com_sun_javafx_font_directwrite_OS_CreateTextAnalyzer
Java_com_sun_javafx_font_directwrite_OS_CreateTextFormat
Java_com_sun_javafx_font_directwrite_OS_CreateTextLayout
Java_com_sun_javafx_font_directwrite_OS_CreateWicBitmapRenderTarget
Java_com_sun_javafx_font_directwrite_OS_Draw
Java_com_sun_javafx_font_directwrite_OS_DrawGlyphRun
Java_com_sun_javafx_font_directwrite_OS_EndDraw
Java_com_sun_javafx_font_directwrite_OS_FindFamilyName
Java_com_sun_javafx_font_directwrite_OS_FindLocaleName
Java_com_sun_javafx_font_directwrite_OS_GetAlphaTextureBounds
Java_com_sun_javafx_font_directwrite_OS_GetAnalysis
Java_com_sun_javafx_font_directwrite_OS_GetDataPointer
Java_com_sun_javafx_font_directwrite_OS_GetDesignGlyphMetrics
Java_com_sun_javafx_font_directwrite_OS_GetFaceNames
Java_com_sun_javafx_font_directwrite_OS_GetFamilyNames
Java_com_sun_javafx_font_directwrite_OS_GetFirstMatchingFont
Java_com_sun_javafx_font_directwrite_OS_GetFont
Java_com_sun_javafx_font_directwrite_OS_GetFontCount
Java_com_sun_javafx_font_directwrite_OS_GetFontFamilyCount
Java_com_sun_javafx_font_directwrite_OS_GetFontFamily__J
Java_com_sun_javafx_font_directwrite_OS_GetFontFamily__JI
Java_com_sun_javafx_font_directwrite_OS_GetFontFromFontFace
Java_com_sun_javafx_font_directwrite_OS_GetGlyphPlacements
Java_com_sun_javafx_font_directwrite_OS_GetGlyphRunOutline
Java_com_sun_javafx_font_directwrite_OS_GetGlyphs
Java_com_sun_javafx_font_directwrite_OS_GetInformationalStrings
Java_com_sun_javafx_font_directwrite_OS_GetLength
Java_com_sun_javafx_font_directwrite_OS_GetSimulations
Java_com_sun_javafx_font_directwrite_OS_GetStart
Java_com_sun_javafx_font_directwrite_OS_GetStretch
Java_com_sun_javafx_font_directwrite_OS_GetStride
Java_com_sun_javafx_font_directwrite_OS_GetString
Java_com_sun_javafx_font_directwrite_OS_GetStringLength
Java_com_sun_javafx_font_directwrite_OS_GetStyle
Java_com_sun_javafx_font_directwrite_OS_GetSystemFontCollection
Java_com_sun_javafx_font_directwrite_OS_GetWeight
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetClusterMap
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetFontFace
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphAdvances
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphCount
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphIndices
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphOffsets
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetLength
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetStart
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetTotalGlyphCount
Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererNext
Java_com_sun_javafx_font_directwrite_OS_Lock
Java_com_sun_javafx_font_directwrite_OS_Next
Java_com_sun_javafx_font_directwrite_OS_Release
Java_com_sun_javafx_font_directwrite_OS_SetTextAntialiasMode
Java_com_sun_javafx_font_directwrite_OS_SetTransform
Java_com_sun_javafx_font_directwrite_OS__1D2D1CreateFactory
Java_com_sun_javafx_font_directwrite_OS__1DWriteCreateFactory
Java_com_sun_javafx_font_directwrite_OS__1NewJFXTextAnalysisSink
Java_com_sun_javafx_font_directwrite_OS__1NewJFXTextRenderer
Java_com_sun_javafx_font_directwrite_OS__1WICCreateImagingFactory

Sections

Size: 18KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 18KB - Virtual size: 35KB

Size: 5KB - Virtual size: 22KB

Size: 512B - Virtual size: 2KB

Size: 2KB - Virtual size: 3KB

Size: 512B - Virtual size: 912B

Size: 512B - Virtual size: 176B

.edata Size: 5KB - Virtual size: 5KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.themida Size: - Virtual size: 5.9MB

.boot Size: 3.5MB - Virtual size: 3.5MB

.edata
Size: 5KB - Virtual size: 5KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.9MB

.boot
Size: 3.5MB - Virtual size: 3.5MB