General

  • Target

    Inazuma.exe

  • Size

    35.8MB

  • Sample

    240420-xhhyqaff9t

  • MD5

    4f87e755e07ef688dc899e7f5ffdc283

  • SHA1

    a93b9dc51c2d72a8e4bc311c29f72f572b293d97

  • SHA256

    41b1b8220f1f700712831d790a8e4dd8fd552748e445c6611ad0f9c7b2dd1d8b

  • SHA512

    5f5af06dbb27908fa450dfdb093a884f79217c6f29060076d855a59b0b63e5f3021b90e060f9538657e97268287802e5a948f43845995ba092d48ca53f202d68

  • SSDEEP

    786432:K7ACT5+AN6fQKQNDA1H2Bwd7ZlbCqE9kG3YUPS:K7ACTIsXzNDuH2w7PbJE3RS

Score
8/10

Targets

    • Target

      Inazuma.exe

    • Drops file in Drivers directory

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
