Overview

overview

7

Static

static

7

Injector.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Injector.exe

  • Size

    5.3MB

  • Sample

    241204-xz23xssmgm

  • MD5

    26c5ff7834f420050ba5338f7d0f4bd0

  • SHA1

    a4b5c4e0ca0602bee55f25aa4ab24c9bebd9487e

  • SHA256

    2c6c76d97394e2cc3a70377d8f9b34cfd1856ab8a1cb8f2b4483eae8d7f824f9

  • SHA512

    6d8bb5c434c1ebde25d57d8b374fbec8afb78a87fe399656e529c623bbad965ba3bf37a4e1cf6b26ecd04a1d93523b88a99907316057cccd58ddacc5fcd7cc02

  • SSDEEP

    98304:lr+zN/rWoOCNV7wAolITTYYQ6kFsuvMFo3pBMHNrri5hL15inysYcndTIJE4/AgG:kz9pOMAUrUsIeufMtrU55iQcnoX/I

Score
7/10
discoverymotwphishingvmprotect

Malware Config

Targets

    • Target

      Injector.exe

    • Size

      5.3MB

    • MD5

      26c5ff7834f420050ba5338f7d0f4bd0

    • SHA1

      a4b5c4e0ca0602bee55f25aa4ab24c9bebd9487e

    • SHA256

      2c6c76d97394e2cc3a70377d8f9b34cfd1856ab8a1cb8f2b4483eae8d7f824f9

    • SHA512

      6d8bb5c434c1ebde25d57d8b374fbec8afb78a87fe399656e529c623bbad965ba3bf37a4e1cf6b26ecd04a1d93523b88a99907316057cccd58ddacc5fcd7cc02

    • SSDEEP

      98304:lr+zN/rWoOCNV7wAolITTYYQ6kFsuvMFo3pBMHNrri5hL15inysYcndTIJE4/AgG:kz9pOMAUrUsIeufMtrU55iQcnoX/I

    Score
    7/10
    discoverymotwphishingvmprotect

    • A potential corporate email address has been identified in the URL: [email protected]

      phishing

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

      phishingmotw

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks