TeaInjector[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TeaInjector.exe
Size

11.0MB
MD5

d48f33c10ee5a00527fb9ffde923a159
SHA1

8d66db71856c93a49a39ee5b7ce1ef6f514a7fd2
SHA256

27bc35e09494232a9603f0950363fcaf8438f82941708edc251c73e047de3eca
SHA512

9c6ac1ad9d7de1ae6e2d3d300d843b9c6c88ebe55fa3507ebb1d83df6d765d0b1a2bdf8d51475f3b6a9690554bf161b3bbdf7faffec3939f59bd86453c8aedea
SSDEEP

196608:GZ0hFrI+XsbBxyXx6eA7YEwnMmTzL/YWDZ0hFrI+XsbBxyXx6eA7YEwnMmTzL/YW:G+F0+XsbBxhMEwMmTPY4+F0+XsbBxhM4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TeaInjector.exe

Files

TeaInjector.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\jrrie\source\repos\TeaInjector (Open with VS)\TeaInjector\obj\x86\Release\TeaInjector.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10.8MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ