R3nzSkin_Injector[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

R3nzSkin_Injector.exe
Size

318KB
MD5

3a233e7323d0f8222a06d2a7076ccf95
SHA1

23caa9cb78d8c758324d8229d44a38b48f83bf2b
SHA256

f66d5390ea092a0b7f7dd7455d94c4ca52ad06332df3cfdb2a1fd5c6d1c1d16b
SHA512

322cf07eb28164eb5e90e90fda6614bbabce55468e33ef4883acc5ef559acaae343a1d934a363494eac7c9181a68f7ee0546c0ab283a3001a9caa6416c02bc9d
SSDEEP

1536:drC7qrbotGXWL1b4gArZ3bqDHZ4K5k9oQhQsFk+MfcHa6JXtWwmDo1owr:d6AotGK1yBbqDOcoQsFk+kIXw1Do1ow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
R3nzSkin_Injector.exe

Files

R3nzSkin_Injector.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nep
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ