4b81cc187f12f508b4336e17d2525d734c491d7494bb7f509fdaeb8c279dabaa | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Inzector.zip

windows7-x64

1

Inzector.zip

windows10-2004-x64

7

Inzector.exe

windows7-x64

1

Inzector.exe

windows10-2004-x64

1

Resubmissions

24/03/2023, 20:11

230324-yyg7ssbc5y 7

24/03/2023, 20:03

230324-ysvwpsha76 3

Sharing

General

Target

Inzector.zip
Size

4.9MB
Sample

230324-yyg7ssbc5y
MD5

262b3ec8b8494f278516990e8beb3515
SHA1

584168a1f7245736d3488af3f6cc8ed76fe3ebaf
SHA256

4b81cc187f12f508b4336e17d2525d734c491d7494bb7f509fdaeb8c279dabaa
SHA512

1acfa9c87f548b4e4aee91ad54647f7a81e9f9be8d27c1509fd4ce23b8e514c922ea1c7e259bca86545d53a0a8dd7235dabce677a375bb86dfebc1e9f9525b5e
SSDEEP

98304:pfxEe6lexZooszr7r/U7KF//JtXxOGS/D5HxW/gAsF2:lxExlMZI7jUatXhS75HxW/HQ2

Score

7^/10

discovery themida

Static task

static1

Behavioral task

behavioral1

Sample

Inzector.zip

Resource

win7-20230220-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

Inzector.zip

Resource

win10v2004-20230220-en

discovery themida

windows10-2004-x64

23 signatures

300 seconds

Behavioral task

behavioral3

Sample

Inzector.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral4

Sample

Inzector.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

300 seconds

Malware Config

Targets

- Target
  
  Inzector.zip
- Size
  
  4.9MB
- MD5
  
  262b3ec8b8494f278516990e8beb3515
- SHA1
  
  584168a1f7245736d3488af3f6cc8ed76fe3ebaf
- SHA256
  
  4b81cc187f12f508b4336e17d2525d734c491d7494bb7f509fdaeb8c279dabaa
- SHA512
  
  1acfa9c87f548b4e4aee91ad54647f7a81e9f9be8d27c1509fd4ce23b8e514c922ea1c7e259bca86545d53a0a8dd7235dabce677a375bb86dfebc1e9f9525b5e
- SSDEEP
  
  98304:pfxEe6lexZooszr7r/U7KF//JtXxOGS/D5HxW/gAsF2:lxExlMZI7jUatXhS75HxW/HQ2
Score

7^/10

discovery themida
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  Inzector.exe
- Size
  
  4.9MB
- MD5
  
  45fab2ab7c948382c9816d4c3c5d1505
- SHA1
  
  4690674d75dbcfd6a2439828c9c2dea62c222530
- SHA256
  
  c0cca88d4178636b4330e9e2aadd4d446b9f1734633c1aa91448fbd6562ad95c
- SHA512
  
  861d7e6c7fe21f96b9337af75ef5b8935aeb774733ed2b36c18ccfbb0e0b9a4a933e48abe68073931fa21bfe599923d3ae166c68f10a075b11052558d8832a29
- SSDEEP
  
  98304:2A5Ew+laprq1bDuvxcoWxhTWAX1+ip3+mCLfYPnYpxGVhZzehP/lHBZU:2A5ELli+1bKvxczX4ip3+m8YPYpxGVhw
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverythemida

behavioral3

behavioral4

© 2018-2025

Terms | Privacy