GenericInjectorLucas_Install[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

GenericInjectorLucas_Install.exe
Size

25.4MB
MD5

37319789d8e92b82229c39ba30b8fe01
SHA1

253c1e1d01b91318e75d4a1976d84acfbcd00f77
SHA256

ae8f9917e06a7a514ca0305e880cf63d5dce0b461ab15fbc4d5df7383be1a87f
SHA512

2a10236f5e20a47e8edd191d18cfcd41f1d9d97ce2e607cb4febcd3b1ce47d9bd914732e7f7c3142572818626298933cf6976be1dc45225f6b678d0cf12971e0
SSDEEP

393216:B7srZPYtTuqLjUaCKU8Zp0wZH8/Z+ZqyRK7qrpThAkfZ5rk:pOZXnaCK3Zp00HtqMKONThA65o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GenericInjectorLucas_Install.exe

Files

GenericInjectorLucas_Install.exe
.exe windows:6 windows x64 arch:x64

e3bc95a0be84bf8213d3010022ebb8da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MapViewOfFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

FindWindowA

advapi32

CryptDestroyKey

shell32

ShellExecuteA

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

normaliz

IdnToAscii

wldap32

ord79

crypt32

CertFreeCertificateChain

ws2_32

socket

rpcrt4

UuidToStringA

psapi

GetModuleInformation

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler

api-ms-win-crt-convert-l1-1-0

strtod

api-ms-win-crt-stdio-l1-1-0

fread

api-ms-win-crt-heap-l1-1-0

calloc

api-ms-win-crt-runtime-l1-1-0

_set_app_type

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-filesystem-l1-1-0

_lock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-string-l1-1-0

tolower

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-utility-l1-1-0

qsort

Sections

.text
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Yg?
Size: - Virtual size: 15.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.M%r
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.W0D
Size: 25.4MB - Virtual size: 25.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3bc95a0be84bf8213d3010022ebb8da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcp140

normaliz

wldap32

crypt32

ws2_32

rpcrt4

psapi

vcruntime140_1

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: - Virtual size: 420KB

.rdata Size: - Virtual size: 103KB

.data Size: - Virtual size: 4KB

.pdata Size: - Virtual size: 17KB

.Yg? Size: - Virtual size: 15.3MB

.M%r Size: 4KB - Virtual size: 4KB

.W0D Size: 25.4MB - Virtual size: 25.4MB

.reloc Size: 512B - Virtual size: 272B

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 420KB

.rdata
Size: - Virtual size: 103KB

.data
Size: - Virtual size: 4KB

.pdata
Size: - Virtual size: 17KB

.Yg?
Size: - Virtual size: 15.3MB

.M%r
Size: 4KB - Virtual size: 4KB

.W0D
Size: 25.4MB - Virtual size: 25.4MB

.reloc
Size: 512B - Virtual size: 272B

.rsrc
Size: 512B - Virtual size: 469B