Overview

overview

6

Static

static

3

W-Inject.exe

windows10-1703-x64

6

W-Inject.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    158s
  • max time network
    167s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-en
  • resource tags

    arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
  • submitted
    06/01/2024, 21:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    W-Inject.exe

  • Size

    190KB

  • MD5

    13652bccac626a55d5a7a98a5f05caa3

  • SHA1

    a8ed168be1254d8b29ceb0ad6bc32aeb235a144a

  • SHA256

    d57f8d6e48cd20ccd6c4f4d638e3ca7cd5e364889704be5b2c23b56d41a81948

  • SHA512

    4ba9d393e5518aecf3d5d8870fce110753911790b1b2e298f8a22f1d8daeefc628f1866593fef36ad669197a263fd932b1163a934123a1f04f83c3b569afb1ac

  • SSDEEP

    3072:letG2AJ1Z4dnoBLfeHYOXdpy2c+WCY+fxrmjd0XAUsHsHWifQb:leGb1Z4JoBLfe5XdDWCYLhbAQ

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\W-Inject.exe
    "C:\Users\Admin\AppData\Local\Temp\W-Inject.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:5012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5012-0-0x00007FF9C31C0000-0x00007FF9C3B60000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/5012-1-0x0000000002820000-0x0000000002830000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5012-2-0x00007FF9C31C0000-0x00007FF9C3B60000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/5012-3-0x000000001BAD0000-0x000000001BF9E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/5012-4-0x000000001B4F0000-0x000000001B58C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/5012-5-0x00000000027B0000-0x00000000027B8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/5012-6-0x000000001C710000-0x000000001C72A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/5012-9-0x0000000002820000-0x0000000002830000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5012-11-0x0000000002820000-0x0000000002830000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5012-12-0x00007FF9C31C0000-0x00007FF9C3B60000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/5012-13-0x0000000002820000-0x0000000002830000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5012-14-0x00007FF9C31C0000-0x00007FF9C3B60000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/5012-15-0x0000000002820000-0x0000000002830000-memory.dmp

    Filesize

    64KB

    Download