HorionInjector[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HorionInjector.exe
Size

148KB
MD5

a7e3640481e142b0f65e8bd0373fb819
SHA1

31309696f725615ec07a331098d3a4e426c5e06c
SHA256

9461838497366b55f2577682e272bf3afe2a1ed27b36ce04687aa2f8371fc7c8
SHA512

a5511fe89eba2626f7c813543159391c807c949a8894c83fbeb44d761d518e2ab88624204dd9a5041acb9f551bef126ff2f9a6e3714bc4202e3e049194d627fc
SSDEEP

3072:Nb/HqUGSCoEslON/q178+oO3BAE4T/9rvueZ:Nb/HqUGSCPBh+7VST/9Ce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HorionInjector.exe

Files

HorionInjector.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\los21\Documents\Projects\Injector\HorionInjector\obj\x64\Debug\net48\HorionInjector.pdb

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ