Analysis
- max time kernel: 124s
- max time network: 172s
- platform: windows7_x64
- resource: win7v20210408
- submitted: 10-10-2021 20:09
Static task: static1
Behavioral task: behavioral1
- Sample: Hackz Nuker.exe
- Resource: win7v20210408
Behavioral task: behavioral2
- Sample: Hackz Nuker.exe
- Resource: win10-en-20210920
General
- Target: Hackz Nuker.exe
- Size: 10.2MB
- MD5: 9c4946a5517669a8c2c1831abfafcec0
- SHA1: e5fd6691b6df0dbc99078afe907a23690667c9c1
- SHA256: 22a6eb0862594b96fd3b3f9345f40d9e51e0514ca79729e01454e0f4586961ca
- SHA512: e4a26051ee6515c4bc8528dde5906c307aac5dcf2312344b3bffbbac0c02a6be9aee8953cd33e4ac0f1d43a58c69e14e7957b162d0c10b424639c5e2dac41010
Malware Config
Signatures
- Loads dropped DLL (1 IoCs)
  Processes: Hackz Nuker.exe
  pid | process
  1768 | Hackz Nuker.exe
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: Hackz Nuker.exe
  description | pid | process | target process
  PID 1076 wrote to memory of 1768 | 1076 | Hackz Nuker.exe | Hackz Nuker.exe
  PID 1076 wrote to memory of 1768 | 1076 | Hackz Nuker.exe | Hackz Nuker.exe
  PID 1076 wrote to memory of 1768 | 1076 | Hackz Nuker.exe | Hackz Nuker.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Local\Temp\_MEI10762\python39.dll
  MD5: 5cd203d356a77646856341a0c9135fc6
  SHA1: a1f4ac5cc2f5ecb075b3d0129e620784814a48f7
  SHA256: a56afcf5f3a72769c77c3bc43c9b84197180a8b3380b6258073223bfd72ed47a
  SHA512: 390008d57fa711d7c88b77937bf16fdb230e7c1e7182faea6d7c206e9f65ced6f2e835f9da9befb941e80624abe45875602e0e7ad485d9a009d2450a2a0e0f1f
- \Users\Admin\AppData\Local\Temp\_MEI10762\python39.dll
  MD5: 5cd203d356a77646856341a0c9135fc6
  SHA1: a1f4ac5cc2f5ecb075b3d0129e620784814a48f7
  SHA256: a56afcf5f3a72769c77c3bc43c9b84197180a8b3380b6258073223bfd72ed47a
  SHA512: 390008d57fa711d7c88b77937bf16fdb230e7c1e7182faea6d7c206e9f65ced6f2e835f9da9befb941e80624abe45875602e0e7ad485d9a009d2450a2a0e0f1f
- memory/1768-60-0x0000000000000000-mapping.dmp