363108d651fdaa2b799b73018a910f9c55fbbb7025761eabb37a673d5650542d[.]exe | Triage

Sharing

General

Target

363108d651fdaa2b799b73018a910f9c55fbbb7025761eabb37a673d5650542d.exe
Size

31.0MB
MD5

8f83513e7e3638b5a61c5e7f40f51c7e
SHA1

e181ecf02f5575849e64f267fa733a83630191ee
SHA256

363108d651fdaa2b799b73018a910f9c55fbbb7025761eabb37a673d5650542d
SHA512

c26ae71b83354a2a9fad7e5f12e6cd7de20defd455fd56cbaadc51e65a91ab506c0b98525244f6b4db25eb4586bef49f4dbb1f3e59c54312721da52c9974f091
SSDEEP

786432:FjWc2f/LEmPTH4ccIAcuQ64skTX3KchPau56pIUWCkGm:xWpT9PcZ864s6HKchPipIUWC9m

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
363108d651fdaa2b799b73018a910f9c55fbbb7025761eabb37a673d5650542d.exe

Files

363108d651fdaa2b799b73018a910f9c55fbbb7025761eabb37a673d5650542d.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

Size: 919B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 27.9MB - Virtual size: 27.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ