General

  • Target

    InjectableCW.exe

  • Size

    13.9MB

  • Sample

    230423-s3nbqafh5x

  • MD5

    eec2a5fc0428421731b7e4b68f47b94b

  • SHA1

    ab7d3bbef386d75d4dc0fa8a03419139977361d0

  • SHA256

    f5aef878c01be2015fce7e68aedc8e7b351ff6e573850bb14de9a5b04f2e5f37

  • SHA512

    e7f347711bb97dbc86d27ffc96c30d1b8ba8415f4555dbb9ecfaf1c7557603286431dc4b2e2985ecce7945cabd8f87fdbf1f4998b3a63fe234ed864f57881640

  • SSDEEP

    196608:1qXZAlqpb7KX/x1HhyehNJm3AqdKDnO8NpkSgsAGKaR2kuPmytamPITBv6cO5bJ8:aZAlqYXJBb/m3pgDOEkSgsv87Q9yFYH

Score
7/10

Targets

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
