17375b323348f601609a48d019b676a86e22e9dc491d7dc29e76c74695fd048a

General

Target

Nitro Gen By Iklaus.rar
Size

23.1MB
Sample

221005-qzvwaaefhj
MD5

ca36a970841a1614959c998de53fab89
SHA1

58a1c02e73a89b03d104cf25e5a30f7233f3dcc3
SHA256

17375b323348f601609a48d019b676a86e22e9dc491d7dc29e76c74695fd048a
SHA512

3c8c1af40ae1c4ca985066020a4d37b3350d4dc84f1e3cc9388ca52a81975bc016caa912f639c5709f23661c3a233eecb88577343b91ff4852e49dfa3016a995
SSDEEP

393216:To4/yZTjvdOoRoi8VbcwJcgzngn1dikh9hETnBEVXa3sMZHNLkd/Xt6LyDfW4tTQ:ToqyZPvdO8oi8VbXzsphQIqJkDffWdt1

Score

10^/10

pyinstaller

Malware Config

Targets

- Target
  
  Nitro Gen By Iklaus/Nitro by Iklaus.exe
- Size
  
  20.2MB
- MD5
  
  8b128728ff854108023b9498554f2383
- SHA1
  
  5c0ce97a5567b1570f77f30d2b38d2894e724c2e
- SHA256
  
  cccbc1f1096bf4752c289d3035538fe8b012e883c7b198aa35bbec91079329cd
- SHA512
  
  717ae76e1377634349d1fcd9957af189a60b90de63a10274a9ecb24aa8d203f057dbb9496ac9cecd2d13403b6b0df93cc73399dcfb008dc9d4358972677bd9ff
- SSDEEP
  
  393216:GxxJhoonHOZWOnzCdQuslN/m3p9Iwd4nqPMfU9BJHOPJONvvYy4ps7UNs:GvJ+UHyW4WdQu4K9x4nq0U1OOiSUe
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  Nitro Gen By Iklaus/Properties/Resources.Designer.cs
- Size
  
  8KB
- MD5
  
  2f77f4de7f5b5ea8d59b349cbdfee403
- SHA1
  
  0ffd4476a1737d7c6cb29338077387677ed8ec80
- SHA256
  
  b4b88a37dcab4476554f8ab7e73e669d20c844d655d164c9fc771ba250796959
- SHA512
  
  f1dec8c837ed53bf943b0db4405935d8cd8ec1feef1ec91ebd848a14a0cd0f9e126457a1439dd06a9181c5739b7b0ed6153504d9ce7bee4cd19ab6994ea79d41
- SSDEEP
  
  192:wan//9tsxC1BPy27qK1dotykayfWqzayfW4zayfW6zayfWczayfji5ayfWozayft:wi39n1v7qK1kWqvW4vW6vWcvji5WovW+
Score

1^/10
behavioral2
- Target
  
  Nitro Gen By Iklaus/Properties/Resources.resx
- Size
  
  8KB
- MD5
  
  2c5fad6f0e78b46bd2dcff10a0f3a729
- SHA1
  
  77f60eb8f79f8a718d52444ab90767b3dc7a2f94
- SHA256
  
  62138b424e2c534b2c3acaef41aace2f5aeab515afb7f3f507b29b7bb7713507
- SHA512
  
  3616d38781cf50f24db18f2a00c385ee235a256ced01281c7ebcf9b7c6d1727aed511ef82f79a7c133c6ee761d87ae00d4594ad57a8475390c8fe8c27d37a4dc
- SSDEEP
  
  192:Zf+tLPfYnLvFVOiFQaUD7Ugm4hYuJokw9W2okw9Vbokw9kookw9Uuvw9mWokw9eS:Zf+tLPQnLvDOiFQXD7UgbhY0okw9jokq
Score

1^/10
behavioral3
- Target
  
  Nitro Gen By Iklaus/Properties/Settings.Designer.cs
- Size
  
  2KB
- MD5
  
  e4ab006a7d129f0311f7586063c6de7f
- SHA1
  
  afc06e97b35923355483ad98498e9d5aa3273e37
- SHA256
  
  d032001b700d5be6d2153d108c33ccbb0decc9a2584102c6b1c87d94dd94024d
- SHA512
  
  99cb0edeb0d230e56435432fe66d21d9db70cd3863cd4156e051a6f841c96d7a47e52b9318fe44e837cc3efc29dcd70e76156aa935dd0ff4799f9e45bd5c8a83
Score

1^/10
behavioral4
- Target
  
  Nitro Gen By Iklaus/Resources/stub.txt
- Size
  
  104KB
- MD5
  
  cd54316938b585d9cf4c8ba936d101d8
- SHA1
  
  97d77bc88c905a2771692869707836486a121d69
- SHA256
  
  5467976b4fc3f5f9067384e373cb3b840a0eb0c0998ca9c6168b62ec8db8d2c9
- SHA512
  
  08383a73a5b5dd80caf08a12761af447f2f4764bcb8bded864a259fd95c4b7e20ff9dde5d116ff0caa98203fff04fb82c41a5b6db07dce5a9a5ed36b9d4126e0
- SSDEEP
  
  3072:RUpsNIJxFos0KrvGlPLELWdvUeUdoPa8XQluo:2W/c
Score

1^/10
behavioral5

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Looks up external IP address via web service

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5