Nitro_Generator.exe

General

Target: Nitro_Generator.exe
Size: 28MB
Sample: 220519-xrvc4sahh6
Score: 7/10
MD5: 1e70d097a4c58498a27e5512279c117f
SHA1: cd03b3cc787da79df9c768083caac41017ed9bb4
SHA256: 2cec1a7d0eca001e5413f3457a26cd866494066a0264e611e0a02b3a071b017c
SHA512: 0c14eca699fe8ae5360dd287a5ba4fcff7877012eb01e892d4f19c28e3f83f4e0e4d25a692f5a18c0fe26da5de358346839006f3352a27629879509cddfb9ed0

Malware Config

Targets

Target: Nitro_Generator.exe
MD5: 1e70d097a4c58498a27e5512279c117f
Filesize: 28MB
Score: 7/10
SHA1: cd03b3cc787da79df9c768083caac41017ed9bb4
SHA256: 2cec1a7d0eca001e5413f3457a26cd866494066a0264e611e0a02b3a071b017c
SHA512: 0c14eca699fe8ae5360dd287a5ba4fcff7877012eb01e892d4f19c28e3f83f4e0e4d25a692f5a18c0fe26da5de358346839006f3352a27629879509cddfb9ed0

Signatures

  • Drops startup file

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs: Data from Local System; Credentials in Files

  • Legitimate hosting services abused for malware hosting/C2

    TTPs: Web Service

  • Looks up external IP address via web service

    Description: Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1: 3/10

  • behavioral1: 7/10

  • behavioral2: 7/10