inject64[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

inject64.exe
Size

14KB
MD5

09ffd4dcb64d7920f49d779699569885
SHA1

f73d57c474aa618c61bbc3b9c44f301c78465011
SHA256

0b61ced21023ef811578b8b3991a599b14c07d48a9800ca04993d305e42d41fc
SHA512

394fbfebcf4eee3156d8f821cf194def3e781d2f12c221747213011fa7fcedb29642ece3888b035faa0bcdc571de254907e2dd0fe874e0a2a8a7ee26b5613a1f
SSDEEP

192:zfnRv06MuMl1lr9W1Be9bJR3LcJPMn2FzCOM+aXsD00f+W5tfnXU/3C:zfnRv02Ml1lJXKM2F+dC0s+I6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
inject64.exe

Files

inject64.exe
.exe windows:6 windows x64 arch:x64

f98a758a7a800ac8c9ade3bec1e0452a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateToolhelp32Snapshot
GetExitCodeThread
Sleep
GetLastError
Process32NextW
Process32FirstW
CloseHandle
LoadLibraryW
OpenProcess
VirtualAllocEx
LocalFree
VerSetConditionMask
CreateRemoteThread
VerifyVersionInfoW
VirtualFreeEx
IsWow64Process
GetFileAttributesW
WaitForSingleObject
SetEnvironmentVariableW
GetCurrentDirectoryW
WriteProcessMemory
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW

advapi32

SetNamedSecurityInfoW
GetNamedSecurityInfoW
ConvertStringSidToSidW
SetEntriesInAclW

vcruntime140

__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__acrt_iob_func
__p__commode
__stdio_common_vfwprintf

api-ms-win-crt-string-l1-1-0

wcscat_s

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_c_exit
_crt_atexit
terminate
_cexit
exit
__p___wargv
_register_thread_local_exe_atexit_callback
__p___argc
_exit
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_register_onexit_function
_set_app_type
_seh_filter_exe
_initterm_e

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f98a758a7a800ac8c9ade3bec1e0452a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 444B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 28B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 444B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 28B