Prestige-Injector[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Prestige-Injector.exe
Size

6.6MB
MD5

937b1b80fbaaf24603dc8ba6a5061ee0
SHA1

597561831f32ce7a637657210975b7a0d203a99a
SHA256

1e2e356016e22f3964a304ca5bfe58c1b3aa84d597039f601d8fc7b90e73e627
SHA512

4b79ed3cf3da8d3523e0133ad10d9c5f0d25c6a3edd5bcef5ef404b26aa774adb65fdb963c5be69317b2a8ae5c2d27f63634a43a5bd08ca0524ab3843c275851
SSDEEP

196608:FFOUNCom/TkW+l+yl93pwYZEtBcH7qnhSMw:HvwzNS9ZpEobqnM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Prestige-Injector.exe

Files

Prestige-Injector.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

??0DllManager@@QEAA@XZ
??1DllManager@@QEAA@XZ
?DisableDllRedirection@DllManager@@QEAAXXZ
?EnableDllRedirection@DllManager@@QEAA_NXZ
?InjectDllIntoProcess@DllManager@@QEAA_NPEAXPEB_W@Z
?IsEnabled@DllManager@@QEBA_NXZ
?LoadLibraryW@DllManager@@QEAAPEAUHINSTANCE__@@PEB_W@Z
?MhCall@DllManager@@AEAA_NH@Z
?RamLoadLibrary@DllManager@@QEAAPEAUHINSTANCE__@@PEB_W@Z
?SetDllFile@DllManager@@QEAA_NPEB_W0PEBXH@Z
?WinApiCall@DllManager@@QEAA_N_N@Z

Sections

Size: 689KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 151KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 75KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 37KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Prestige
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 689KB - Virtual size: 1.3MB

Size: 151KB - Virtual size: 354KB

Size: 75KB - Virtual size: 168KB

Size: 37KB - Virtual size: 62KB

Size: 512B - Virtual size: 348B

Size: 512B - Virtual size: 656B

Size: 3KB - Virtual size: 10KB

.edata Size: 1024B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

Prestige Size: - Virtual size: 8.2MB

.boot Size: 5.7MB - Virtual size: 5.7MB

.reloc Size: 16B - Virtual size: 4KB

.edata
Size: 1024B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

Prestige
Size: - Virtual size: 8.2MB

.boot
Size: 5.7MB - Virtual size: 5.7MB

.reloc
Size: 16B - Virtual size: 4KB