6a522a076a2d7f30181e4b880c31e887d229288da68065be08bac8c65e038f4c

Sharing

Copy URL

Twitter E-mail

General

Target

6a522a076a2d7f30181e4b880c31e887d229288da68065be08bac8c65e038f4c
Size

942KB
MD5

3fcc0af783b63830a3ac0582100f078e
SHA1

1900f94d318dd259f941813dd755490ddfda6008
SHA256

6a522a076a2d7f30181e4b880c31e887d229288da68065be08bac8c65e038f4c
SHA512

722603516f2816b76f88e48ed222cb6434e59138db2d98ee9ef977398b34fa57a9148a79c041ab064e08544b1dc68cb51e903d08ca10b3e0030570ba9e800529
SSDEEP

24576:Lsggjed9aFkY3Bguo418vRTByaoWwvZ7W:QBKdIXxgUiJkaoWwvZ7W

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a522a076a2d7f30181e4b880c31e887d229288da68065be08bac8c65e038f4c

Files

6a522a076a2d7f30181e4b880c31e887d229288da68065be08bac8c65e038f4c
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DSCChecksumTableDimension
DSCGetLastError
DSCNumeroWhoIsInEseguite
DSCWhoIs
DSCWhoIsDirect
DSChecksumTableElementByCodeNumber
DSChecksumTableElementByCodeString
DSChecksumTableElementByIndex

Sections

Size: 108KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 22KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 18KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.loadcon
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.boot
Size: 777KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 108KB - Virtual size: 331KB

Size: 22KB - Virtual size: 79KB

Size: 18KB - Virtual size: 574KB

Size: 1024B - Virtual size: 1KB

Size: 11KB - Virtual size: 22KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 2.0MB

.loadcon Size: 512B - Virtual size: 4KB

.boot Size: 777KB - Virtual size: 777KB

.reloc Size: 16B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 2.0MB

.loadcon
Size: 512B - Virtual size: 4KB

.boot
Size: 777KB - Virtual size: 777KB

.reloc
Size: 16B - Virtual size: 4KB