nitro | 73d55d99c41e89daa8c9bd213d02974d89b53c3e5a0dcd5bbf0b99ff36424cac | Triage

Submit
Reports

Overview

overview

Static

static

92eea22c70...73.exe

windows7_x64

92eea22c70...73.exe

windows10_x64

Sharing

General

Target

92eea22c70cf0fe4116b1021e91eb373
Size

61KB
Sample

210812-yn4wfndeaa
MD5

92eea22c70cf0fe4116b1021e91eb373
SHA1

66b8c24be3b82ecbbebb5e5a70ddf746d212e16f
SHA256

73d55d99c41e89daa8c9bd213d02974d89b53c3e5a0dcd5bbf0b99ff36424cac
SHA512

b8d2b6bba4027bda2ac3ef09c346a1e8ee768afb990bcacbd860bbead42a420303814e4f4081a32b81f89085b53879f7ce888c864cf34654a7c066facb44d035

Score

10^/10

nitro persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

92eea22c70cf0fe4116b1021e91eb373.exe

Resource

win7v20210408

nitro persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

92eea22c70cf0fe4116b1021e91eb373.exe

Resource

win10v20210408

nitro persistence ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  92eea22c70cf0fe4116b1021e91eb373
- Size
  
  61KB
- MD5
  
  92eea22c70cf0fe4116b1021e91eb373
- SHA1
  
  66b8c24be3b82ecbbebb5e5a70ddf746d212e16f
- SHA256
  
  73d55d99c41e89daa8c9bd213d02974d89b53c3e5a0dcd5bbf0b99ff36424cac
- SHA512
  
  b8d2b6bba4027bda2ac3ef09c346a1e8ee768afb990bcacbd860bbead42a420303814e4f4081a32b81f89085b53879f7ce888c864cf34654a7c066facb44d035
Score

10^/10

nitro persistence ransomware
- Nitro
  A ransomware that demands Discord nitro gift codes to decrypt files.
  ransomware nitro
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

nitropersistenceransomware

behavioral2

nitropersistenceransomware

© 2018-2025

Terms | Privacy