BsW8ClNkDvW9QNk8Gp6JMK[.]exe

Resubmissions

30/03/2025, 21:03

250330-zvz4waw1e1 7

30/03/2025, 21:02

250330-zvl71sw1ew 7

Sharing

Copy URL

Twitter E-mail

General

Target

BsW8ClNkDvW9QNk8Gp6JMK.exe
Size

5.2MB
MD5

dc8dd738191dd7e258ebf6b7f0bef1a5
SHA1

356eb9e009601a95eb212f9bf009fd39a5f3fa72
SHA256

8cfd962982014258c084daa77f801322b0b2a6bdb5fb0394605b2043f49ffb91
SHA512

7a9021debb6a1222be53c8d6971a26566dadf579b229624e4b92e756dd127278414251708cd28f470e419eb1920dbc48af3accbee63dd71ba14927a8fd989478
SSDEEP

98304:jkfOWkdppOZpKRy1qw0DbrG0SQj1otR8Jc4s14Srv1pjDb:juk4fKbvrRSu1wug1Hrv1pnb

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BsW8ClNkDvW9QNk8Gp6JMK.exe

Files

BsW8ClNkDvW9QNk8Gp6JMK.exe
.exe windows:6 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 566KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 117KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 25KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

Size: 566KB - Virtual size: 1.2MB

Size: 117KB - Virtual size: 230KB

Size: 1KB - Virtual size: 8KB

Size: 25KB - Virtual size: 42KB

Size: 3KB - Virtual size: 9KB

Size: 1KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 5KB

.themida Size: - Virtual size: 6.6MB

.boot Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 16B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 5KB

.themida
Size: - Virtual size: 6.6MB

.boot
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 16B - Virtual size: 4KB