HorionInjector[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HorionInjector.exe
Size

148KB
MD5

b481e33f1d644ed1fd08a5abb5add8fe
SHA1

875e71d8c80c3fae5fa713cc15d5bff0afed18c9
SHA256

ee54fe86d8483bd65357717a4e86dd0b54114fa1e6d7bf938b8e3c331cc354a7
SHA512

33c70037d85f82df5a0c6c6ce269b47421e5c94d293a3a7f495399bfba227334ba9d6c1e555c5241387622e9b7cc4b81187aa783a04a325a004aa1434d06c3c0
SSDEEP

3072:8bI9HqUGSCoEslON/q178+oO3BAE4T/iNvue+:8bI9HqUGSCPBh+7VST/i0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HorionInjector.exe

Files

HorionInjector.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\los21\Documents\Projects\Injector\HorionInjector\obj\x64\Debug\net48\HorionInjector.pdb

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ