General
Target: Rage Injector v2.0.exe
Size: 444KB
Sample: 210408-d5j29hx4ms
MD5: 3cd5c25179eb316711630698a713b187
SHA1: d77ec46b4bd6d47e4b167ce1aaabec72981730a6
SHA256: f4f845267f7126cfdfc8ca2aa6ebe1dd3833a74e393b1d0acf76cb33acb3e740
SHA512: ef7f6dbcaba58289b61fb9bc29d1707caa9d66e8f662a79a29af38cc2fb8e25054e5e7157263c70e93c852d2cf5780e2df3bdacc3d567d4cedf26cd2d5502652
Static task: static1
Behavioral task: behavioral1
Sample: Rage Injector v2.0.exe
Resource: win7v20201028
Malware Config
Targets
Target: Rage Injector v2.0.exe
Size: 444KB
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.