General
-
Target
Extreme_Injector_Beta.exe
-
Size
8.4MB
-
Sample
230326-2ew4dscc9z
-
MD5
38f42b32f33f5de210ca1e138cf63925
-
SHA1
e581bfbb5d325434102dedcf13a734c6529f11a2
-
SHA256
640acc16dc4d5aa4163a4c994928347cdba1529129ef59f071f2f58a52e27659
-
SHA512
13d1c35aac8e0440310d03b1d4bb65d48a36587a47edc856cb251655cda185b22dc201994049c244a4f5dcc87d9ebcfb52434cbb10c08c5a896142fead8d167d
-
SSDEEP
196608:gqfzJJ9L/qgfN78gcg5+iFOKr/lVzvNK1DTtl540tFEAd93siDA:X1z/qE89gsiFOSDDNWhl73dV3
Behavioral task
behavioral1
Sample
Extreme_Injector_Beta.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral2
Sample
Extreme_Injector_Beta.exe
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
-
-
Target
Extreme_Injector_Beta.exe
-
Size
8.4MB
-
MD5
38f42b32f33f5de210ca1e138cf63925
-
SHA1
e581bfbb5d325434102dedcf13a734c6529f11a2
-
SHA256
640acc16dc4d5aa4163a4c994928347cdba1529129ef59f071f2f58a52e27659
-
SHA512
13d1c35aac8e0440310d03b1d4bb65d48a36587a47edc856cb251655cda185b22dc201994049c244a4f5dcc87d9ebcfb52434cbb10c08c5a896142fead8d167d
-
SSDEEP
196608:gqfzJJ9L/qgfN78gcg5+iFOKr/lVzvNK1DTtl540tFEAd93siDA:X1z/qE89gsiFOSDDNWhl73dV3
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-