injector[.]exe

General

Target

injector.exe
Size

716KB
MD5

1bf48e61b9ad6176b1f88e617a17484a
SHA1

c2d4e900d1b88129ca7fefb125d4e994955d2083
SHA256

816c883ad3b068b35d0bc4f11c267c2e0c89dd12c575a283cc7a5f2ec2afabd3
SHA512

aa4bbcd6f7daf45941fe5f738a831fa9204a7f889909bf11155d71882e45ea02b96b56d27dc6ee5bba8169e32bcfa67713c487e7210c940ee18e397de522f7ec
SSDEEP

12288:uFsdmyydiS5ysKQC/KToPEHrLg1lE5OnWYWtRn/MhnoW1YV1JEmXxbVUz3cgt3v2:uuQyydiSdKQ2KT0UfSlE5yuh/ynzG1XJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
injector.exe
unpack001/out.upx

Files

injector.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 702KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 708KB - Virtual size: 714KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.3MB

UPX1 Size: 702KB - Virtual size: 704KB

.rsrc Size: 13KB - Virtual size: 16KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 153KB - Virtual size: 152KB

.data Size: 708KB - Virtual size: 714KB

.pdata Size: 21KB - Virtual size: 21KB

.detourc Size: 8KB - Virtual size: 8KB

.detourd Size: 512B - Virtual size: 24B

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 3KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 1.3MB

UPX1
Size: 702KB - Virtual size: 704KB

.rsrc
Size: 13KB - Virtual size: 16KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 153KB - Virtual size: 152KB

.data
Size: 708KB - Virtual size: 714KB

.pdata
Size: 21KB - Virtual size: 21KB

.detourc
Size: 8KB - Virtual size: 8KB

.detourd
Size: 512B - Virtual size: 24B

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 3KB - Virtual size: 2KB