General
-
Target
Injector.exe
-
Size
328KB
-
MD5
403a0f334373794b187ce6d8d180d391
-
SHA1
7e449d00d50c6d1926c42212ac0a9892f6cf9c40
-
SHA256
33121473f7797a5634e99d73ab9b05c58b5d83b154ff7261d5fd34c044cfddfa
-
SHA512
e946c0f4226e509a57ea64bca94dea2a8dd3c4635acfdf25706a9e455e30a784ed8841fffdd3c9ded704874746bcf9a8f5b5abc61ed5d07ede494a5d98096fd0
-
SSDEEP
6144:/q/fEWXafm4serf7Sa64R8vOFKn3aUeqXqGFTeJjFM/mTr:BWXafmfe7K4NWaUeqXAJS/q
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Injector.exe
Files
-
Injector.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: - Virtual size: 79KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp0 Size: - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 322KB - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ