General
-
Target
injector.exe
-
Size
14.2MB
-
MD5
15e1e3c3b81e3cd8cfef96ba45b746e3
-
SHA1
22864953ddde37391583e75eab20813847c04f70
-
SHA256
536687b2ca7e0881e66e710ee1ea0ca80b37b69e1be1f2079bfd38b7282f2b8b
-
SHA512
4d34d2c189dd27da3cf5d2384e8b04f8cfb6c943c14f81e9752a93b525c5db17338b5faf636e31105c9952d7157a5d9832a70db6e70382af20a66fcbb94b8a97
-
SSDEEP
393216:elTj6v2TNye8QBWC3SXqFp4KDOlKu0xZZXob6WwMCoaJUG3:e5jkiNH8YL3SXVkOlKu+ZZXobgZr
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource injector.exe
Files
-
injector.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 4.6MB - Virtual size: 13.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 110KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 8KB - Virtual size: 532KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 79KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 3.2MB - Virtual size: 9.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 9.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ