injector[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

injector.exe
Size

280KB
MD5

ec2e9d572261fde945e73cb0d55faa4b
SHA1

90747ad0ceb766f694b3245127e79280345d3e26
SHA256

6fece2dbbbecda6ae45cf40afae1aadca9e868742f21845b804a1f8c349f72bc
SHA512

3b01d903100049a0664efb82a2337b5a056c422d4ea216efa488a4504e5664f69b3f86cb7073885e813be42f28d3df7b89355f61407a08cd88bf76be384ef174
SSDEEP

6144:QrgULUtrDdIZG2nqJElpL3im9+3Kz9BngKbtPLLd5MDLjwiYHZG:R96TnSEl1yt6zzng0LkwiEG

Score

N/A

Malware Config

Signatures

Files

injector.exe
.exe windows x64

de47f3d8e9694998aea2e4b39844cddc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
UpdateProcThreadAttribute
CloseHandle
DeleteProcThreadAttributeList
Process32First
CreateToolhelp32Snapshot
Process32Next
GetExitCodeProcess
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
Sleep
WaitForSingleObject
FormatMessageA
LocalFree
GetStdHandle
SetConsoleTextAttribute
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
ResumeThread
OpenProcess
InitializeProcThreadAttributeList
VirtualFreeEx
GetCurrentProcess
SetCurrentDirectoryW
GetCurrentDirectoryW
InitializeSListHead
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
ReleaseSRWLockExclusive

comdlg32

GetOpenFileNameA

advapi32

OpenProcessToken
CreateProcessAsUserA

msvcp140

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??Bid@locale@std@@QEAA_KXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Xtime_get_ticks
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Syserror_map@std@@YAPEBDH@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
memmove
_purecall
memset
memcmp
memcpy
__std_terminate
__C_specific_handler
__std_exception_copy
__current_exception_context
__current_exception
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_initterm
_c_exit
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe
_cexit
exit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
system
_invalid_parameter_noinfo_noreturn
terminate
_crt_atexit
_exit
__p___argv
__p___argc
_get_initial_narrow_environment

api-ms-win-crt-stdio-l1-1-0

ungetc
fgetc
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf
fflush
_set_fmode
__p__commode
fputc
ftell
fclose
_get_stream_buffer_pointers
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf_s
fread
fputs
__stdio_common_vsprintf
fopen_s
fseek

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

api-ms-win-crt-time-l1-1-0

_gmtime64_s

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
_configthreadlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de47f3d8e9694998aea2e4b39844cddc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 220KB - Virtual size: 220KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 512B - Virtual size: 308B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 220KB - Virtual size: 220KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 308B