Resubmissions

  • 09-09-2022 05:29  220909-f6xcksdehl  7

  • 09-09-2022 05:25  220909-f4cv6adehk  7

General

  • Target: unityproject1.0.1.rar

  • Size: 23.0MB

  • Sample: 220909-f4cv6adehk

  • MD5: e821afebfa949fbaa472dd201fd20c17

  • SHA1: ee30692134906b5fbe347aac1782df65f7e984a1

  • SHA256: d2a8d5644bb0444ad263912f077f16e30048efc443ef2715f131ca3f49786022

  • SHA512: 73b8f164583f0698f302beb99ecff5d5b1ef793b1090fa71045367996af56217f71b5ee3ef4dbcc5d05c71a4a17ff9eda1148405440a422d1932f241b3abf610

  • SSDEEP: 393216:QxsXv2cYcAMMm5tl1/SUXlkKk4CNwWUuWmQmaHXdNx8Zb4xQ5kCquW5IU9mjZQ:QG/2NcAMM4l1ZyE3b3d64xQ5kxuWbsVQ

Score: 7/10

Malware Config

Targets

    • Target: projectnightfall1.0.1.exe

    • Size: 102.5MB

    • MD5: 4eab2cfdfbbea8b42161b536c2e0d88c

    • SHA1: 26a94566feccf507fcab6955e8a5a91036f06adf

    • SHA256: 5d89774b101b606dbbd370858ed2b4e0901f1fb0430666f33302165c8c905907

    • SHA512: cd70510d7a1cfaeaa8045a000f8c7ceba2fce78f0f743d38d59c28643d019c62f85538c69acaa207605d7911ea687753ffde4bea6c863a12fc03a46334607f65

    • SSDEEP: 786432:d0LoCOn+2Ks4urYDNulLBiuILkXXrwdLyzbr+CAHZvSFjN4xl6+T2uDQJegmGP01:dMoCm/KXwc5P

    Score: 7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; this is likely a geofence check.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to determine the infected system's external IP address.

MITRE ATT&CK Enterprise v6

Tasks