General
Target: NS.zip
Size: 138.8MB
Sample: 210417-kqcerzdpcx
MD5: 857ad83f58440a64b81a4ae9960cd77f
SHA1: 9b696807331b6ec19f67501ea239d38d5e52bff3
SHA256: 47e117f73b1f31787edc5ea4ece3027883dd2510d15b597cbbcc5859742e20fa
SHA512: 5112c00901431902c1729eb875f09cfc701f1a09e4f8fdbdee3c755d57eed24d1871b0dc74080f6e88be6f2bbece2aebce7eaf5e066315b532956ac533289174
Static task
static1
Behavioral task
behavioral1
Sample: NS/nipperstudio-2.9.1-win64.exe
Resource: win10v20210408
Malware Config
Targets
Target: NS/nipperstudio-2.9.1-win64.exe
Size: 136.1MB
MD5: cbf70f826ccdee520631f1d73cec854c
SHA1: d4bca4aa0f8d116d1ccb5b10e5e16856630d5755
SHA256: 043659ccabb62e37b7ac1341c34418ea8202ab4b3b663ed4382b319ffde2abd4
SHA512: 51304f30b97648439f7f2f3e716d506f50abd752ba9954279a142de4e887823a57c638c09c6d49b810ae185c8df0dcff84931d9d9719a885d9046c2087f2e96e
Score: 8/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory