EvolutInjector.exe
First submission 2024-09-03 00:32:01
Last submission 2024-09-03 00:33:02
File details
File type: | PE32 executable (console) Intel 80386, for MS Windows |
Mime type: | application/x-dosexec |
File size: | 76.0 KB (77824 bytes) |
Compile time: | 2022-09-05 21:37:06 |
MD5: | 34563cc2fcd4e6e5b0063cbc0ffce9c1 |
SHA1: | 325d256405aa1cb044237c05b2275342377fd6de |
SHA256: | bbb81a7571c503d859b2150c7741ac69b3308ad494a897d93cc0d0b371b7b5f1 |
Import Hash: | 31c1dfad666d3014f181289ffa32ae76 |
Sections 5 | .text .rdata .data .rsrc .reloc |
Directories 4 | import resource debug relocation |
File features detected
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 25/79 VT report date: 2024-09-03 00:04:35 |
Malware Type 1 | trojan |
URLs, FQDN and IP indicators 1
PE Sections 0 suspicious
Name | VAddress | VSize | Size | SHA1 | MD5 | Suspicious |
---|---|---|---|---|---|---|
.text | 0x1000 | 0x4481 | 17920 | 5fdc288d708657312cf94643512f6e69668ab4cb | 91d972899eb53ec59da76575fb0a86db | |
.rdata | 0x6000 | 0x24be | 9728 | 83283d05b7d3841c8a28e85f01b4a8d0f46dca96 | 75e7557999257e4570342ea638aae4cc | |
.data | 0x9000 | 0x5ac | 1024 | eacf27b802ae3f2f15864730269d96086334b398 | 13d8c2530e6090200d14095f52055dad | |
.rsrc | 0xa000 | 0xb580 | 46592 | e8475ef89dc9bee78a483f06590292fa0349bb6c | ba345cb7209640c569ba63be23936980 | |
.reloc | 0x16000 | 0x5cc | 1536 | 2ddae053a10264f5037b0727ab36831f307fc654 | d93ff5cef50f715b39240cc6038c57e7 | |
PE Resources 3
Name | Language | Sublanguage | Offset | Size | Data |
---|---|---|---|---|---|
RT_ICON | LANG_PORTUGUESE | SUBLANG_PORTUGUESE_BRAZILIAN | 0x14f08 | 1128 | |
RT_GROUP_ICON | LANG_PORTUGUESE | SUBLANG_PORTUGUESE_BRAZILIAN | 0x15370 | 132 | |
RT_MANIFEST | LANG_ENGLISH | SUBLANG_ENGLISH_US | 0x153f8 | 392 | |
Packers detected 2
Microsoft Visual C++ 8 |
VC8 -> Microsoft Corporation |
Anti debug functions 8
GetLastError |
IsDebuggerPresent |
IsProcessorFeaturePresent |
NtCreateThreadEx |
Process32FirstW |
Process32NextW |
TerminateProcess |
UnhandledExceptionFilter |
Strings analysis - File found
Library |
Evolut.dll |
KERNEL32.dll |
\Evolut.dll |
api-ms-win-crt-math-l1-1-0.dll |
ntdll.dll |
ADVAPI32.dll |
api-ms-win-crt-heap-l1-1-0.dll |
msvcp140.dll |
api-ms-win-crt-locale-l1-1-0.dll |
api-ms-win-crt-runtime-l1-1-0.dll |
vcruntime140.dll |
api-ms-win-crt-stdio-l1-1-0.dll |
api-ms-win-crt-filesystem-l1-1-0.dll |