Overview

overview

10

Static

static

10

dll/BJJ.dll

windows7-x64

1

dll/BJJ.dll

windows10-2004-x64

1

dll/ICC.dll

windows7-x64

1

dll/ICC.dll

windows10-2004-x64

1

injector.exe

windows7-x64

10

injector.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-12-2024 21:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    injector.exe

  • Size

    303KB

  • MD5

    48c85ca1bc5b51b14633d0d01162cba7

  • SHA1

    c4c4a8b9df4cf1fd756317760b2ce5206e93fff8

  • SHA256

    56e046611b9472a1a69d20580d1e0749b5363c3b3757fe61ff71a94e50d2cd8b

  • SHA512

    ba5367c69ebe1732540e037974ef6c7834acc64bd5514d1fa630fce6a96fefd79d7014365bbefb5cc8ddf25891a71c9238c195e8dfc8ef6a81b98bad8a3a0506

  • SSDEEP

    6144:whDT6MDdbICydeBb4eKct+ldgk6WSmA1D0Ox6:whZMeKctWdDhk1D/6

Score
10/10
44caliberspywarestealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1322256148446838815/YnQHY515s8K_YLOO2IuKm3JUDLvMN7kX8-PDF7seyznEtOJBkt61Btpjet07f3HMDgs6

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\injector.exe
    "C:\Users\Admin\AppData\Local\Temp\injector.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3092

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3092-1-0x000001C418070000-0x000001C4180C2000-memory.dmp

    Filesize

    328KB

    Download

  • memory/3092-0-0x00007FFEC6143000-0x00007FFEC6145000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3092-31-0x00007FFEC6140000-0x00007FFEC6C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3092-32-0x00007FFEC6140000-0x00007FFEC6C01000-memory.dmp

    Filesize

    10.8MB

    Download