Static task
static1
General
Target
Injector.exe
Size
9.9MB
MD5
30e56cddefff906ec5fbace7e6d0862b
SHA1
2b51c6e6eccdd1c520f4e8f5ce8efab429e02c3c
SHA256
c5f71e0f0546b7c237db117da366668087bdb817ce2ed55a4c908c2d942842f2
SHA512
5a766343c6eee5ecd4e6b3965bb4a1934715234505f9aeb5d69771224348863d736d9545a9a9eecbb05da0d1bd8676a22133c4501a1e6d1a8dbf332411ee0133
SSDEEP
196608:xxgakPh1JOEKwqozcWPCJ9xkiv+CQbC8Gnr9WTyItJ/gV5twoZAzfEK2:3gvDTSEEuGQZYV8WKW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Injector.exe
Files
Injector.exe.exe windows:6 windows x64 arch:x64
c0059c1ba8f10e5b90f9fa85e4c75a58
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
OpenProcess
ReadProcessMemory
CreateToolhelp32Snapshot
Thread32First
Thread32Next
OpenThread
WriteProcessMemory
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
CreateFileMappingW
CloseHandle
GetEnvironmentVariableW
GetCurrentDirectoryW
GetFileAttributesW
GetSystemDirectoryW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetModuleHandleW
GetProcAddress
ActivateActCtx
DeactivateActCtx
Module32FirstW
WriteConsoleW
LocalFree
GetLastError
MapViewOfFile
GetCommandLineW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FormatMessageA
GetLocaleInfoEx
FindClose
FindFirstFileExW
FindNextFileW
AreFileApisANSI
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetCPInfo
GetModuleFileNameW
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetProcessHeap
GetFileType
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
shell32
CommandLineToArgvW
advapi32
RegEnumValueW
LookupPrivilegeValueW
RegOpenKeyW
Sections
.text Size: - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.i_sec Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.#S1 Size: - Virtual size: 5.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.J<c Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.=I6 Size: 9.9MB - Virtual size: 9.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ