429d391c0615d44417cddb2d3e2accc5bf7ab4588d975ad741f41ad2d78c01e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

429d391c0615d44417cddb2d3e2accc5bf7ab4588d975ad741f41ad2d78c01e5
Size

10.5MB
MD5

faba8f5855d2723855f66a27c63e4b58
SHA1

ebc46dff318ec3f9e712109fd96e678abebe0ae2
SHA256

429d391c0615d44417cddb2d3e2accc5bf7ab4588d975ad741f41ad2d78c01e5
SHA512

34d8a57edf528dda3eded8c2b4c8b7dfafe2373f38a6de7b147b82f6b265f79dd247481a3784dce143ca53dc76888152b564dca4ba8b3755f50cd72018da2414
SSDEEP

196608:CGPIkDtgDfzH77IT8fUxdi0fBJasbc6XGLqfyuGppm+84Y66ohlV9b:xDtg33IT8uyQJgUyZl1BH9b

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429d391c0615d44417cddb2d3e2accc5bf7ab4588d975ad741f41ad2d78c01e5

Files

429d391c0615d44417cddb2d3e2accc5bf7ab4588d975ad741f41ad2d78c01e5
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 604KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 168KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 14.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ