9134dbb0be87ad3c111a4bad5a6aae8af56cbae0b5c67f2a584f662f7cfe0b6d

Resubmissions

13/09/2024, 13:41

240913-qzlbvasfnp 9

11/09/2024, 14:02

240911-rchg4sthpr 9

05/09/2024, 11:38

240905-nr29aazcrr 9

05/09/2024, 11:31

240905-nm55dazhmf 9

Sharing

Copy URL Twitter E-mail

General

Target

9134dbb0be87ad3c111a4bad5a6aae8af56cbae0b5c67f2a584f662f7cfe0b6d
Size

100.9MB
MD5

ccd5a8f11035b888a7a3de6035ac272e
SHA1

c0100cd4d43c239e2519adc64b5d24ab04ef99ef
SHA256

9134dbb0be87ad3c111a4bad5a6aae8af56cbae0b5c67f2a584f662f7cfe0b6d
SHA512

17cc87b028fd5f5668e2266a150afd18cfe9fd9ab4cbe7e847963c0340fc6986e5c9e0e6eb1ae6c16b78880ec5e53bc524b3a8c33277f54f196819cf71904760
SSDEEP

98304:rRJplMQi/I2bqTytmTHsMi3zGM6MgMGAPDaiYE8fczRKhBoaf0z90bh:rR7WQkqTqmTMN3zG+GAP+iYE8E8hQeF

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9134dbb0be87ad3c111a4bad5a6aae8af56cbae0b5c67f2a584f662f7cfe0b6d

Files

9134dbb0be87ad3c111a4bad5a6aae8af56cbae0b5c67f2a584f662f7cfe0b6d
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Run
Start

Sections

Size: 78KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 78KB - Virtual size: 134KB

Size: 18KB - Virtual size: 34KB

Size: 2KB - Virtual size: 17KB

Size: 5KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 7.8MB

.boot Size: 4.8MB - Virtual size: 4.8MB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 7.8MB

.boot
Size: 4.8MB - Virtual size: 4.8MB