e416d82e1c5bea2d8518c0a14644027c9dad8d23a930d663d3e6e11a99036472 | Triage

Resubmissions

26-11-2024 15:52

241126-ta4cxatqfm 8

26-11-2024 15:48

241126-s8ypmstphk 8

26-11-2024 15:40

241126-s38bwstmhp 8

Sharing

General

Target

ModInjector.exe
Size

5.8MB
Sample

241126-s38bwstmhp
MD5

456e8d1820b74a7f6cc963d02c1a6513
SHA1

ebb63550be46eaaf9d0184f34cc6de235c61aa5e
SHA256

e416d82e1c5bea2d8518c0a14644027c9dad8d23a930d663d3e6e11a99036472
SHA512

9f333a7547492c5cf9d516be80eebff0f43f051154e611296a30fe694aaaf64b136a037b0406d27aa07abc1d7790095830b62e7a466b7c9c14ce7f7536a60aa5
SSDEEP

49152:+QNXVNXvNaYg8R59ckm3LpVAmYpi+b4BBjHQtDgznmDwOBOBJapTL2iKeRpJ6iai:zXfXVaE9OcundmtL2itpHaZFK

Score

8^/10

discovery phishing

Malware Config

Targets

- Target
  
  ModInjector.exe
- Size
  
  5.8MB
- MD5
  
  456e8d1820b74a7f6cc963d02c1a6513
- SHA1
  
  ebb63550be46eaaf9d0184f34cc6de235c61aa5e
- SHA256
  
  e416d82e1c5bea2d8518c0a14644027c9dad8d23a930d663d3e6e11a99036472
- SHA512
  
  9f333a7547492c5cf9d516be80eebff0f43f051154e611296a30fe694aaaf64b136a037b0406d27aa07abc1d7790095830b62e7a466b7c9c14ce7f7536a60aa5
- SSDEEP
  
  49152:+QNXVNXvNaYg8R59ckm3LpVAmYpi+b4BBjHQtDgznmDwOBOBJapTL2iKeRpJ6iai:zXfXVaE9OcundmtL2itpHaZFK
Score

8^/10

discovery phishing
- Downloads MZ/PE file
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryphishing

behavioral2