43f903661c7e9ce7c9d2f750d611d1358c0e350aaa52168306e9fd3ed2e1bfdc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43f903661c7e9ce7c9d2f750d611d1358c0e350aaa52168306e9fd3ed2e1bfdc
Size

10.6MB
MD5

a3a418349a43d67e1b8f5b298b3991ac
SHA1

5f09ab8fe232c22f7020f0d79b438b93d7c766dc
SHA256

43f903661c7e9ce7c9d2f750d611d1358c0e350aaa52168306e9fd3ed2e1bfdc
SHA512

20240c3ed37b3b0198ac4647dec2dc767d63e40bfbc4c69603b23ebf0ed116f3f32c985efc4d76b5cf0b7d69598877bc442687b2afeeacb7bd1bb9b7352d63c5
SSDEEP

196608:Ig0HggLInvqGK7/xc8SLiui1hd5SP6amisQKhIfXErOocnRPkhQ6tLQa62Wa2vJ:Bhg0njC/xF0qx5KW26OoKPCtLu2E

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43f903661c7e9ce7c9d2f750d611d1358c0e350aaa52168306e9fd3ed2e1bfdc

Files

43f903661c7e9ce7c9d2f750d611d1358c0e350aaa52168306e9fd3ed2e1bfdc
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 2.5MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 513KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 19KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 11KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 103KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 165KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ