Packer
The binary likely contains encrypted or compressed data. Show sources
| packer_section | name: .text, entropy: 7.17, characteristics: IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE, raw_size: 0x00022200, virtual_size: 0x00022070 |
| packer_section | name: .rdata, entropy: 7.01, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ, raw_size: 0x00002200, virtual_size: 0x0000216d |
Hooking and other Techniques for Hiding Protection
Creates RWX memory Show sources
| injection_rwx_memory | 0x00000040, NtProtectVirtualMemory |