54201a5755d4cee55b796b7527fa047a930333c6e33631f6ca8b749bef9f18afN

Sharing

Copy URL

Twitter E-mail

General

Target

54201a5755d4cee55b796b7527fa047a930333c6e33631f6ca8b749bef9f18afN
Size

6.4MB
MD5

d19d7e30d20b51d7ed288b3de3123e60
SHA1

dc67267c421f79b8387633110efe2321d746ffe3
SHA256

54201a5755d4cee55b796b7527fa047a930333c6e33631f6ca8b749bef9f18af
SHA512

7521de123b5ffe90b12d2fa1845bb905aa172c12205976e706b7a01a80d457ac1229c2d54d0db2c3cb50f7b3edf31ad6bd3914b2990abd0b92a2d21cca2cf3a2
SSDEEP

196608:sIWXq/3nP6hxp6pvxXaqaxaLXR4SH5EvKmYyT:sIIqfPGxy5AxaLhrKtYyT

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54201a5755d4cee55b796b7527fa047a930333c6e33631f6ca8b749bef9f18afN

Files

54201a5755d4cee55b796b7527fa047a930333c6e33631f6ca8b749bef9f18afN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 819KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3.3MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 38KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 509B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 819KB - Virtual size: 1.8MB

Size: 3.3MB - Virtual size: 6.4MB

Size: 38KB - Virtual size: 432KB

Size: 5KB - Virtual size: 36KB

Size: 5KB - Virtual size: 24KB

Size: - Virtual size: 4KB

.imports Size: 1024B - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 17KB

.themida Size: - Virtual size: 3.7MB

.boot Size: 2.3MB - Virtual size: 2.3MB

.taggant Size: 8KB - Virtual size: 8KB

.text Size: 512B - Virtual size: 509B

.imports
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 17KB

.themida
Size: - Virtual size: 3.7MB

.boot
Size: 2.3MB - Virtual size: 2.3MB

.taggant
Size: 8KB - Virtual size: 8KB

.text
Size: 512B - Virtual size: 509B