440886822405e46946b4088831138bc0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

440886822405e46946b4088831138bc0N.exe
Size

6.4MB
MD5

440886822405e46946b4088831138bc0
SHA1

6addddca3220c4c65360ecc548d133176d75f6d1
SHA256

85d3385e306302eb5bb29cb63cb5ff5afced61d4f96937f0b28780f79493bfec
SHA512

c647bac8af8f04ebe4ea9e7d19647f9f76cbc5606bb5009b93b758a0ede18f50fb1ce292b94e630e5ee4e825f379b2ca1421eaa86d106e25040376f3e9fd9744
SSDEEP

98304:msVvJToLjky1dN5im+oIC7SU24wZfNqhYO5XRMN+X8PBoDypRTRtVsbcosKuxxuG:JjU3P5+oNvmfchYoRMpoDypRqbvssVjY

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440886822405e46946b4088831138bc0N.exe

Files

440886822405e46946b4088831138bc0N.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 1.6MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 336KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 109KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 11KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.6MB - Virtual size: 4.9MB

Size: 336KB - Virtual size: 1.1MB

Size: 5KB - Virtual size: 61KB

Size: 109KB - Virtual size: 198KB

Size: 1KB - Virtual size: 20KB

Size: 512B - Virtual size: 6KB

Size: 512B - Virtual size: 373B

Size: 512B - Virtual size: 1KB

Size: 11KB - Virtual size: 55KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 7KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 7.2MB

.boot Size: 4.3MB - Virtual size: 4.3MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 7.2MB

.boot
Size: 4.3MB - Virtual size: 4.3MB

.reloc
Size: 16B - Virtual size: 4KB