
Trojan.Injector.JOD

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.Injector.JOD
Signature status: No Signature

Known Samples

MD5: 863102952f2c8ff48e8a1b09d810ca7f
SHA1: 7c8c34dfa6e87109dcd649286082a5ccce50bd1b
SHA256: E4148990F67058C4BE136D42EBEEAC52EB0B0858E6F8D1B5BF8BE426BD43AE88
File Size: 2.41 MB, 2411008 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Company Name: Microsoft Corporation
File Description: Setup Unattend Generic Command Processor
File Version: 10.0.19041.3636 (WinBuild.160101.0800)
Internal Name: SetupUGC.exe
Legal Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: SETUPUGC.EXE
Product Name: Microsoft® Windows® Operating System
Product Version: 10.0.19041.3636

The version resource is ordinary resource data that any build tool can embed, so the Microsoft branding above carries no weight on its own; it is consistent with metadata copied from the genuine SetupUGC.exe that ships with Windows. The evidence that it does not belong to this file is elsewhere in the report: the sample has no security (Authenticode) directory and no Rich header, whereas Windows components are Authenticode- or catalog-signed and are built with Microsoft's own linker, which normally emits a Rich header. Because many in-box Windows binaries are catalog-signed rather than embedded-signed, a missing security directory is not conclusive by itself; on a Windows host, Get-AuthenticodeSignature or sigcheck also consults the catalogs, and a file that fails both checks and whose hashes do not match the real SetupUGC.exe should be treated as a lookalike.

File Traits

  • fptable
  • HighEntropy
  • Installer Manifest
  • Installer Version
  • WriteProcessMemory
  • x64
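The hashes, PE attributes, signature status and traits listed above can all be recovered from the raw file headers without running the sample. The script below is an added example, not the scanner's own code: it parses the DOS/COFF/optional headers with only the Python standard library, reports the same flags the report lists (64-bit, GUI subsystem, DLL/executable bits, Rich header, export/debug/security/CLR directories), computes the three hashes and the overall entropy, and cross-checks a claimed company name against the unforgeable evidence. It assumes a 7.0 bits-per-byte entropy threshold and detects the WriteProcessMemory trait with a plain string scan rather than import-table parsing; `build_sample_pe` constructs a tiny synthetic PE32+ image so the checks run offline and is not the Trojan.Injector.JOD sample.

```python
"""Static PE triage for the indicators in this report (added example, standard library only)."""
import hashlib
import math
import struct
from collections import Counter

# IMAGE_DATA_DIRECTORY indices from the PE specification; index 4 holds the embedded Authenticode signature.
DIR_EXPORT, DIR_SECURITY, DIR_DEBUG, DIR_CLR = 0, 4, 6, 14
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_DLL = 0x2000
IMAGE_SUBSYSTEM_WINDOWS_GUI = 2
PE32PLUS_MAGIC = 0x20B
HIGH_ENTROPY_THRESHOLD = 7.0   # assumption: bits/byte above which we call the file "HighEntropy"


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 in the hex form used by the Known Samples table."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0..8.0); encrypted or compressed data sits near 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def pe_attributes(data: bytes) -> dict:
    """Recover the 'Windows Portable Executable Attributes' flags from the raw headers."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    # The Rich header (Microsoft linker fingerprint) lives between the DOS stub and the PE signature.
    has_rich = b"Rich" in data[0x40:e_lfanew]
    coff = e_lfanew + 4
    machine, _, _, _, _, _, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]   # same offset in PE32 and PE32+
    pe32plus = magic == PE32PLUS_MAGIC
    # NumberOfRvaAndSizes sits at 92 (PE32) or 108 (PE32+); the directory table follows it.
    ndirs_off = opt + (108 if pe32plus else 92)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]

    def directory_present(index: int) -> bool:
        if index >= ndirs:
            return False
        _, size = struct.unpack_from("<II", data, ndirs_off + 4 + 8 * index)
        return size != 0

    return {
        "is_64bit": pe32plus and machine == IMAGE_FILE_MACHINE_AMD64,
        "is_executable_image": bool(characteristics & IMAGE_FILE_EXECUTABLE_IMAGE),
        "is_dll": bool(characteristics & IMAGE_FILE_DLL),
        "is_gui": subsystem == IMAGE_SUBSYSTEM_WINDOWS_GUI,
        "has_rich_header": has_rich,
        "has_exports": directory_present(DIR_EXPORT),
        "has_security_info": directory_present(DIR_SECURITY),
        "has_debug_info": directory_present(DIR_DEBUG),
        "is_dotnet": directory_present(DIR_CLR),
        # String scan, not import-table parsing: a cheap stand-in for the WriteProcessMemory trait.
        "mentions_writeprocessmemory": b"WriteProcessMemory" in data,
        "entropy": shannon_entropy(data),
    }


def red_flags(attrs: dict, claimed_company: str) -> list:
    """Test the version-resource claim against evidence that cannot simply be copied in."""
    flags = []
    if "microsoft" in claimed_company.lower():
        if not attrs["has_security_info"]:
            flags.append("claims Microsoft but has no embedded Authenticode signature "
                         "(check the catalogs on a Windows host before concluding)")
        if not attrs["has_rich_header"]:
            flags.append("claims Microsoft but lacks the Rich header the Microsoft linker normally emits")
    if attrs["mentions_writeprocessmemory"]:
        flags.append("references WriteProcessMemory (cross-process write, typical of injectors)")
    if attrs["entropy"] > HIGH_ENTROPY_THRESHOLD:
        flags.append("high overall entropy (%.2f bits/byte)" % attrs["entropy"])
    return flags


def triage(data: bytes, claimed_company: str = "") -> dict:
    """Everything the report's tables show, plus the cross-checks, in one dictionary."""
    attrs = pe_attributes(data)
    return {"size": len(data), **file_hashes(data), **attrs, "red_flags": red_flags(attrs, claimed_company)}


def build_sample_pe(*, rich: bool = False, signed: bool = False) -> bytes:
    """Constructed minimal PE32+ GUI image used only to exercise the checks; not a real sample."""
    dos = bytearray(0x80)                                   # DOS header plus an empty stub
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))             # e_lfanew
    if rich:
        dos[0x40:0x44] = b"Rich"                            # marker only; real ones are XOR-encoded arrays
    opt = bytearray(240)                                    # PE32+ optional header with 16 directories
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<H", opt, 68, IMAGE_SUBSYSTEM_WINDOWS_GUI)
    struct.pack_into("<I", opt, 108, 16)                    # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 112 + 8 * DIR_SECURITY, 0x2000, 0x800)
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_AMD64, 1, 0, 0, 0, len(opt),
                       IMAGE_FILE_EXECUTABLE_IMAGE | 0x0020)   # 0x0020 = LARGE_ADDRESS_AWARE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + b"WriteProcessMemory\0"


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for key, value in triage(blob, "Microsoft Corporation").items():
        print(f"{key}: {value}")
```

Run it with a file path to triage a real binary, or with no arguments to see the synthetic image scored; the synthetic image, like the sample in this report, is unsigned, Rich-less, 64-bit, GUI and references WriteProcessMemory, so it trips three of the four red flags while its near-empty headers keep the entropy low.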

Block Information

Total Blocks: 1,906
Potentially Malicious Blocks: 904
Whitelisted Blocks: 1,001
Unknown Blocks: 1

Visual Map

x x x x x 0 x x x x x x x x x x x 0 x x x x x x x 0 0 x x x 0 0 0 0 x x x x x x x x x 0 0 x x 0 0 0 x x 0 x 0 x 0 0 x 0 0 0 x x x 0 x x x 0 x x x 0 x 0 0 x x x x x 0 x x x 0 0 x x x 0 x 0 0 0 x x 0 0 x 0 x 0 x x 0 0 0 x 0 x x x 0 x 0 x 0 x x 0 0 0 x x x 0 0 0 0 0 x x 0 0 0 0 0 x x x 0 x x x x 0 0 x x 0 0 x x 0 x 0 0 x 0 0 0 0 x x 0 x 0 0 x x 0 x 0 x x x 0 x x x x 0 x 0 x x x x x x x 0 x 0 x x 0 0 x x x x 0 x x x x 0 x 0 x 0 x x x x 0 0 x 0 x x 0 0 0 0 x x x x 0 x x x x x 0 ? x x x x x x x x x x x x x x x x x x 0 x x 0 x x x 0 0 x x 0 x x x x x 0 x x x x x x x x x 0 x 0 x x x x x x x x x 0 x x x 0 0 0 x 0 x x x x x x x x x x 0 x x 0 x x 0 x 0 x 0 0 x 0 x x x 0 0 x x x 0 x x 0 x 0 0 x x x 0 0 x x x x 0 x 0 x 0 0 x x x x 0 x x 0 x 0 x 0 x 0 x x 0 0 0 x 0 0 x 0 x x x x x x x 0 0 0 x x x x x x 0 x x x x 0 x x x 0 x x x 0 0 x 0 x x x x 0 x x 0 x 0 0 x x x x 0 x 0 0 x x x x x x x x 0 x x x x x 0 x 0 x x 0 x x x 0 0 x x x x x 0 x 0 x 0 x 0 x 0 x 0 x 0 x x 0 x x x 0 x 0 0 x 0 x 0 x 0 x 0 0 x x 0 x x x x 0 x x x x x 0 x x x x 0 x x x 0 0 0 0 x 0 x x x x x x 0 x 0 x 0 x x x x 0 x 0 0 x x x x x x 0 x x 0 x x 0 x 0 x 0 0 x 0 0 0 x 0 x 0 0 0 x x x 0 x 0 x x x 0 x x x x x 0 x x x x 0 x x x x x x x x 0 0 0 0 0 0 x 0 x 0 0 0 x x 0 0 0 0 0 0 x 0 0 0 x x x 0 x 0 x x 0 0 x x 0 0 x x x x x x x x x 0 x x x x x 0 x 0 x x x x x x x x x x x 0 0 0 0 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 0 x 0 0 x x x 0 x 0 x x 0 0 x x 0 0 x x 0 x x x x 0 x x 0 x 0 x x x x 0 x 0 x x x x x x 0 x 0 0 x x 0 0 x x x x x x x x x 0 x 0 x x x x x x x x x x 0 x 0 0 0 0 0 x x x x x x x 0 0 x 0 x 0 x x 0 x x x x 0 0 0 0 x 0 x x x 0 x 0 0 0 0 0 x x 0 x 0 x x x 0 x x x 0 x x x x x x x x x 0 0 x 0 x x x 0 x 0 x x x 0 x x 0 0 x x x x 0 x x x 0 x x x 0 x x x x x x x x 0 0 x 0 x 0 x 0 x x x x x 0 x x x 0 x x 0 x x x 0 0 x 0 x x x x 0 x 0 x 0 0 x x x 0 x 0 0 x x 0 x 0 x 0 0 x 0 0 x x 0 x x 0 x 0 x x 0 x x 0 x 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 x x 0 x x x x 0 0 x 0 x x 0 x x x x 0 0 x 0 0 x 
x x x x x x 0 x 0 x 0 x x x 0 0 x 0 x x 0 0 0 x 0 0 0 x 0 x x x x x 0 x x x 0 x x x 0 0 0 x 0 0 x 0 x x 0 x x 0 x x x x x x x x 0 x x 0 x x 0 x 0 x 0 x x 0 0 0 x 0 x x 0 x x 0 x x 0 0 0 x x 0 x x 0 x x x 0 x x 0 0 0 x 0 x x x x x 0 0 0 x 0 0 0 0 0 x x 0 0 0 x 0 x 0 0 0 x 0 x x x x 0 x x x x 0 0 0 0 x 0 0 x x 0 x x 0 x 0 x x x 0 x x x x x 0 x 0 0 x x x x 0 0 x x 0 x x x x x x x 0 0 x 0 0 0 0 0 x 0 0 x 0 0 0 0 x x 0 x x x x x x x x 0 0 0 x 0 x 0 0 0 x 0 0 x x 0 0 0 x 0 x x 0 0 x 0 x x x x x x x 0 x 0 x x x 0 0 0 x x 0 x 0 0 x x x 0 0 0 x 0 0 x x 0 0 0 x 0 0 0 x x 0 x 0 x x x 0 0 x x x 0 x x 0 0 0 x x x 0 0 x x x 0 x 0 0 x 0 x 0 0 0 0 x 0 x x x x 0 0 x x x x x 0 x x 0 x x x x 0 x x x x x x x 0 0 0 x 0 0 0 x x 0 x x 0 x x 0 x x x x 0 0 x 0 0 0 0 x x x x x 0 x 0 x x x 0 x x 0 0 x x 0 x x 0 x x 0 0 0 0 0 0 x 0 0 x 0 0 0 x x 0 0 0 x x x x x 0 x x 0 0 x x 0 0 x x x x 0 0 0 x x 0 0 x 0 x 0 x 0 x 0 0 x 0 x x x 0 x x x x x x x 0 x 0 x x x x x x 0 x x 0 x 0 0 x 0 x x x 0 x 0 x 0 x x x x 0 x 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Injector.JOD

Windows API Usage

Category: Syscall Use
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN

All resolved entries are ntdll exports that map directly onto kernel system calls, i.e. the sample reaches below the Win32 API layer that most user-mode hooks watch. NtTestAlert is the one worth flagging: it delivers any user-mode APCs queued to the calling thread, a mechanism loaders commonly use to run a payload without a conventional thread creation call. NtQueryInformationProcess and NtSetInformationProcess are the usual route for debugger and mitigation-policy checks. The "UNKNOWN" entry is presumably a call the analysis could not attribute to a named export, so this list should be read as a lower bound on the sample's system-call use.
