Overview

overview

7

Static

static

3

Vip-nitro-gen.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Vip-nitro-gen.exe

  • Size

    24.7MB

  • Sample

    210714-7ayvp32q2a

  • MD5

    07ac0cb10d629039d91fdbddb8621a47

  • SHA1

    0ff1558c267a88e94a258def3438fd4b2593a5a1

  • SHA256

    32c0d78c738c97953ba4fd8960bd8f08b332c248f28ef6140dc0d176a623327a

  • SHA512

    079550af991d78695581fb478457875c7f0c7213d262369ec540ccff2ceb2f038a1ed8e1d445347a29eefa4b1f152a1c78fbf122f97cd85fad1543f2d781f544

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      Vip-nitro-gen.exe

    • Size

      24.7MB

    • MD5

      07ac0cb10d629039d91fdbddb8621a47

    • SHA1

      0ff1558c267a88e94a258def3438fd4b2593a5a1

    • SHA256

      32c0d78c738c97953ba4fd8960bd8f08b332c248f28ef6140dc0d176a623327a

    • SHA512

      079550af991d78695581fb478457875c7f0c7213d262369ec540ccff2ceb2f038a1ed8e1d445347a29eefa4b1f152a1c78fbf122f97cd85fad1543f2d781f544

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks