Nitro_Generator.exe

Target

Nitro_Generator.exe

Size

28MB

Sample

220519-xrvc4sahh6

Score

7 ^/10

MD5

1e70d097a4c58498a27e5512279c117f

SHA1

cd03b3cc787da79df9c768083caac41017ed9bb4

SHA256

2cec1a7d0eca001e5413f3457a26cd866494066a0264e611e0a02b3a071b017c

SHA512

0c14eca699fe8ae5360dd287a5ba4fcff7877012eb01e892d4f19c28e3f83f4e0e4d25a692f5a18c0fe26da5de358346839006f3352a27629879509cddfb9ed0

Target

Nitro_Generator.exe

MD5

1e70d097a4c58498a27e5512279c117f

Filesize

28MB

Score

7^/10

SHA1

cd03b3cc787da79df9c768083caac41017ed9bb4

SHA256

2cec1a7d0eca001e5413f3457a26cd866494066a0264e611e0a02b3a071b017c

SHA512

0c14eca699fe8ae5360dd287a5ba4fcff7877012eb01e892d4f19c28e3f83f4e0e4d25a692f5a18c0fe26da5de358346839006f3352a27629879509cddfb9ed0

Signatures

Drops startup file
Loads dropped DLL
Reads user/profile data of web browsers
Description

Infostealers often target stored browser data, which can include saved credentials etc.
Tags

spyware stealer

TTPs

Data from Local SystemCredentials in Files
Legitimate hosting services abused for malware hosting/C2
TTPs

Web Service
Looks up external IP address via web service
Description

Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

behavioral1 behavioral2

Collection

Data from Local System

Command and Control

Credential Access

Credentials in Files

Defense Evasion

Web Service

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

pyinstaller

3^/10

behavioral1

7^/10

behavioral2

spyware stealer

7^/10

Tags

Signatures

Drops startup file

Loads dropped DLL

Reads user/profile data of web browsers

Description

Tags

TTPs

Legitimate hosting services abused for malware hosting/C2

TTPs

Looks up external IP address via web service

Description

Related Tasks

static1

behavioral1

behavioral2