General

  • Target

    Injecteur.exe

  • Size

    8.3MB

  • Sample

    241029-lty9asthpe

  • MD5

    5d08b5bea0294ec06d0518f32294cdb8

  • SHA1

    90ef4189c3b93bf8fb9b744b0c382f341bdf8fef

  • SHA256

    133a1cf0ea213d8abf0303135ed039be296079ea7dceba8a36e4bf232393f34c

  • SHA512

    b604bd499dba07cc6ad9bbdfb499c0f264ccf67246a03c95d6cc81ba51a2f677e4b2694d991cbf38e3583d3239fcc5face63af6766ac098b57a6771a2f5e1b01

  • SSDEEP

    196608:q9qurErvI9pWjg/Qc+4o673pNrabebSEjxyMDH8mp:turEUWjZZ4dDLIeWCym8M

Malware Config

Targets

    • Target

      Injecteur.exe

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks