04f0e92fd54a5dc1e61e52a90477e47df1b2554e39a31cb7d823270eeb2a0d66

Sharing

Copy URL Twitter E-mail

General

Target

04f0e92fd54a5dc1e61e52a90477e47df1b2554e39a31cb7d823270eeb2a0d66
Size

6.5MB
MD5

211a6a5c46284b66fa77ce65f57d168d
SHA1

382cbbfdfdeb0eea9f0fc6e60d0df8bc6709cb51
SHA256

04f0e92fd54a5dc1e61e52a90477e47df1b2554e39a31cb7d823270eeb2a0d66
SHA512

77f62aea3976a9e2199d3738bbe3fe768c6e49a60f316f64fe93a1b6afbc61a580c7c9e7c8cbb0f6f9ef2be3f1eeb619b753d7e0a9cdcbbafd6f32e0ef250fa0
SSDEEP

196608:WyXbdLa1PZO4bKd+efYp29nDICDrfjM8jTXtMMKKnZk:XrdeZZO4bKAefYpI5zMKTSMHnZk

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04f0e92fd54a5dc1e61e52a90477e47df1b2554e39a31cb7d823270eeb2a0d66

Files

04f0e92fd54a5dc1e61e52a90477e47df1b2554e39a31cb7d823270eeb2a0d66
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 1.3MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 363KB - Virtual size: 862KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 7KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 62KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 137B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 275B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.3MB - Virtual size: 2.6MB

Size: 363KB - Virtual size: 862KB

Size: 7KB - Virtual size: 68KB

Size: 62KB - Virtual size: 108KB

Size: 137B - Virtual size: 244B

Size: 275B - Virtual size: 488B

Size: 8KB - Virtual size: 30KB

.imports Size: 1024B - Virtual size: 4KB

.tls Size: 5KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 8.8MB

.boot Size: 4.7MB - Virtual size: 4.7MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 1024B - Virtual size: 4KB

.tls
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 8.8MB

.boot
Size: 4.7MB - Virtual size: 4.7MB

.reloc
Size: 16B - Virtual size: 4KB