e416d82e1c5bea2d8518c0a14644027c9dad8d23a930d663d3e6e11a99036472

Resubmissions

26-11-2024 15:52

241126-ta4cxatqfm 8

26-11-2024 15:48

241126-s8ypmstphk 8

26-11-2024 15:40

241126-s38bwstmhp 8

Analysis

max time kernel
136s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
26-11-2024 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ModInjector.exe
Size

5.8MB
MD5

456e8d1820b74a7f6cc963d02c1a6513
SHA1

ebb63550be46eaaf9d0184f34cc6de235c61aa5e
SHA256

e416d82e1c5bea2d8518c0a14644027c9dad8d23a930d663d3e6e11a99036472
SHA512

9f333a7547492c5cf9d516be80eebff0f43f051154e611296a30fe694aaaf64b136a037b0406d27aa07abc1d7790095830b62e7a466b7c9c14ce7f7536a60aa5
SSDEEP

49152:+QNXVNXvNaYg8R59ckm3LpVAmYpi+b4BBjHQtDgznmDwOBOBJapTL2iKeRpJ6iai:zXfXVaE9OcundmtL2itpHaZFK

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 5 IoCs

pid	Process
1856	ModInjector.exe
1856	ModInjector.exe
1856	ModInjector.exe
1856	ModInjector.exe
1856	ModInjector.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1856	ModInjector.exe

C:\Users\Admin\AppData\Local\Temp\ModInjector.exe
"C:\Users\Admin\AppData\Local\Temp\ModInjector.exe"
1⤵
- Loads dropped DLL
- Suspicious use of FindShellTrayWindow
PID:1856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\.net\ModInjector\pslUXVJuEoT6r4WDqyw8QCKQ5+7TeLU=\FluentWPF.dll

Filesize
328KB

MD5
8cadfd021139b7eea4ea78cfd67b5f77

SHA1
b983ae5eb7c2867206d8a727d914d96b27e8e642

SHA256
68f0ae5371d81e6c320487aeb0f1214bc6b0f50ea8cca840db99ede88014e298

SHA512
76f52734fc20da094733dd175105c38902b780d818ce99438e1e0445470351c86fc9dc483a9832568d8159bc6f0e1ba4b433c1505d6d04462b7095cf700d38aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\ModInjector\pslUXVJuEoT6r4WDqyw8QCKQ5+7TeLU=\Microsoft.Web.WebView2.Core.dll

Filesize
1.0MB

MD5
003f6e9c93608c77f07cb3677b7e71c6

SHA1
dffa911b59034a56b4dc7fef20116b72f1d3c74a

SHA256
4e848ba0ea2c2fd11cca74d9d206daee07f1bc119b70beb1bb516584081bd690

SHA512
8ec0a96cb674b87dd848386e9aa5f7477a3d78ad200a9e7670ae9e3fecd27da4cbbb276afaf1e5b40bea29a046ef76011e741924541fbf9b4c3185c64e056f07

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\ModInjector\pslUXVJuEoT6r4WDqyw8QCKQ5+7TeLU=\Mod Index Injector.dll

Filesize
1.1MB

MD5
5a648fcf86304a29c91f61bf303dcd06

SHA1
cd03b15e73e3499ab533b20a15d857cdf26553f3

SHA256
2473b49afca1ea5cdddc5f2403d9e13366426027f11f66cdcdb4b30a8fe52c30

SHA512
8268e7742bba079d50d54677afedde4ac8fe4d1fb3375cd33b740f8c67712aa22cd7d857ec2f03050747d7a8abd15b7b291d542d60b63e245bc052ee375ea617

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\ModInjector\pslUXVJuEoT6r4WDqyw8QCKQ5+7TeLU=\Newtonsoft.Json.dll

Filesize
1.8MB

MD5
ab65620c75d4187565957069cdf343b1

SHA1
433221e3abdbf4b3edf9085fcd465de95578f7a9

SHA256
081d2744e37dac60cb04cb5da12b55d8bc7dafc4a20c0cace598d63be877340a

SHA512
4abd1bf4e7effc9afde1293d691a86293f096714b4cdec25100963f0ebbb95a5ee759b7a566570604a744f75336b61912541ecf4ffc245f3a30efc7be6a09f70

Download Submit
C:\Users\Admin\AppData\Local\Temp\.net\ModInjector\pslUXVJuEoT6r4WDqyw8QCKQ5+7TeLU=\WebView2Loader.dll

Filesize
161KB

MD5
3fac859547077abafe806ff1e4709f47

SHA1
0366df220c5d224ee64a42c929574407d2e6d2c9

SHA256
f4d811cda483adb33220c5a856c5ec8dca3a095fde54b44f08e1279a6a5efd33

SHA512
9b7b7aabf6bdc11dfd74430336e02d7d2b96b6bbf352f1e2d158a4900bead364900820af56cf9af25366ff5704e2ffcc2458d45dc3efe00ebd0843d127ab7435

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads