Infamous Loader[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Infamous Loader.exe
Size

40.5MB
MD5

a155c124592f36de7cf7a8f09f72bdd4
SHA1

eb54b3879149766a8595e61f28f33fc6b105ff10
SHA256

1f30f7e7f72c794417147806070bf0ee56ee0ade03a392704168250d26b05a1e
SHA512

242276430abc842fef8a0173136b5651657e121d059ca85f785cda5be726acd6503df83ca97c3549d47d490d6b37addc8d7c97e26ba5dfb3a0042cc935ac361a
SSDEEP

786432:mwaoPCkiw9yn07mDemycjOxW77aDAkJBn8uB3M9PF7AmDEJvs242gQ26GC:ZaoKc0nPDfycCxW77T0B8uBcxAmD20tI

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Infamous Loader.exe

Files

Infamous Loader.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 599KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 118KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 34.0MB - Virtual size: 34.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 7KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 599KB - Virtual size: 1.3MB

Size: 118KB - Virtual size: 283KB

Size: 34.0MB - Virtual size: 34.0MB

Size: 25KB - Virtual size: 44KB

Size: 7KB - Virtual size: 102KB

Size: 1KB - Virtual size: 4KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 102KB - Virtual size: 102KB

.themida Size: - Virtual size: 9.6MB

.boot Size: 5.6MB - Virtual size: 5.6MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 102KB - Virtual size: 102KB

.themida
Size: - Virtual size: 9.6MB

.boot
Size: 5.6MB - Virtual size: 5.6MB

.reloc
Size: 16B - Virtual size: 4KB