Trojan.Injector.FDD
Analysis Report
General information
| Family Name: | Trojan.Injector.FDD |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.

| Name | Value |
|---|---|
| File Version | 1.00 |
| Internal Name | TJprojMain |
| Original Filename | TJprojMain.exe |
| Product Name | Project1 |
| Product Version | 1.00 |
File Traits
- x86
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.

| Category | API |
|---|---|
| Other Suspicious | |