Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
01/06/2024, 15:07
General
-
Target
Injector.exe
-
Size
18.9MB
-
MD5
b33b74a688c4eefcac41843cf154af46
-
SHA1
41a192b38e01ee860c171dd7b57e78983b2c8a2e
-
SHA256
e223b788a9c905568bc4cadfadcab714201e08dfe8637f9ada9195b859dd2dd0
-
SHA512
f5a45367219a1260ee99d37e1ec4abcc939e3bb647a56d14cdb08cb94ba784c81fa6219e226a781b2a1f9b883e1b213024a618f6e02d74bd15a31f8092cd3d8d
-
SSDEEP
393216:1nrONaYZu+5x30R+Dylj0JwajT0KS/XEFbPqvwxVqYV38QxVzeY8:lYZu+5NOs24ueZS/O+vwxRMQrN
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Injector.exe"C:\Users\Admin\AppData\Local\Temp\Injector.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\onefile_2964_133617280884166000\Injector.exe"C:\Users\Admin\AppData\Local\Temp\Injector.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.5MB
MD59a24c8c35e4ac4b1597124c1dcbebe0f
SHA1f59782a4923a30118b97e01a7f8db69b92d8382a
SHA256a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7
SHA5129d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b
-
Filesize
36.7MB
MD5c93ee24a8e88fe1d03b6177c40a8fdab
SHA19f89681fc809a765c84521ec8a094d5ba6d43c17
SHA25691a9827254543a2752fe38788f09eb4a5c0b777e70a8c4d39cf20c0712aee3a7
SHA51262e7a171cf69e213d44d95e112c8c074d43ac61be6f87cc9aa0afa09bef3d6602765d27a441e040e3fe482e6281ed0b824403cdb62c777b1beabc4fce5ea6840