dontbescared[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

dontbescared.exe
Size

5.6MB
MD5

7c82329da127c438a6a6b307fb39f332
SHA1

ec13cb48b96c5b0dfdb6aff81f6a61508f23a903
SHA256

bdfdf74ad123e049202636b5d4477e3a1cc10698ab8e8d5c66ef45ede836b8b8
SHA512

744957a59e022f00523f780de742a9863886531002ec370b8787e1862b4e68b82ddeb041010157092ed767a9184ccd95761b63471cc21da4908bc8cce33002f3
SSDEEP

98304:4yGegubAJ9cRQi7N7b+vEG2Q+ckiztSPNcI:4yGegubl7bXG2jcPAT

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dontbescared.exe

Files

dontbescared.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 4KB - Virtual size: 10KB

.pdata Size: 8KB - Virtual size: 8KB

.00cfg Size: 512B - Virtual size: 56B

.gxfg Size: 8KB - Virtual size: 7KB

.retplne Size: 512B - Virtual size: 140B

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 424B

.reloc Size: 2KB - Virtual size: 2KB

.idata Size: 512B - Virtual size: 4KB

.themida Size: 5.3MB - Virtual size: 5.3MB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 4KB - Virtual size: 10KB

.pdata
Size: 8KB - Virtual size: 8KB

.00cfg
Size: 512B - Virtual size: 56B

.gxfg
Size: 8KB - Virtual size: 7KB

.retplne
Size: 512B - Virtual size: 140B

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 424B

.reloc
Size: 2KB - Virtual size: 2KB

.idata
Size: 512B - Virtual size: 4KB

.themida
Size: 5.3MB - Virtual size: 5.3MB