home

injector.exe

MD5:
14be55cd19710602a82bc0070736af55

SHA-1:
367ba6634152d1462600f4662dba0fb80ce3a3ba

SHA-256:
be5f0473b71401ae212047f219ab6c097e0dcf922aa521690b74b8704f277ff3

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 3:00:58 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Heuristic-KPP
v6.4.7.1.166

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

VIPRE Antivirus
RiskTool.Win32.ProcessPatcher.Sml!cobra
46466

Zillya! Antivirus
Exploit.Pdfka.Win32.406
2.0.0.2605

File size:
13.5 KB (13,824 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/6/2015 1:32:18 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
192:39TKKLKk/garmD5L+KHjsHIT8948VgzVAL2eMVkdunQV9ZfrA3K1PbKsnz41J:NLLHuZ+KHjsoT+4ye6V9ZfrtDK8s1

Entry address:
0x2027

Entry point:
E8, 45, 04, 00, 00, E9, 91, FE, FF, FF, 55, 8B, EC, FF, 15, 44, 30, 40, 00, 6A, 01, A3, 24, 54, 40, 00, E8, 3A, 05, 00, 00, FF, 75, 08, E8, 38, 05, 00, 00, 83, 3D, 24, 54, 40, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 20, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, 21, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 32, 05, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 08, 52, 40, 00, 89, 0D, 04, 52, 40, 00, 89, 15, 00, 52, 40, 00, 89, 1D, FC, 51, 40, 00, 89, 35, F8, 51, 40, 00, 89, 3D, F4...
 
[+]

Entropy:
5.6554

Code size:
6 KB (6,144 bytes)

The file injector.exe has been seen being distributed by the following 3 URLs.

https://ln.sync.com/mfs-ac3d9f95d4fdceb38e80a1c7254da76567b4929cff272c042b1afdd1549892914/.../injector.exe

https://ln.sync.com/mfs/.../injector.exe

https://www.dropbox.com/sh/5k71ezsqk6px1qa/.../injector.exe

Scan injector.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.