General
-
Target
nitro_pro13_ba_x64.msi
-
Size
227.7MB
-
Sample
221127-nmcg3agh6t
-
MD5
06d03947343467c2171da13a7f2dce8c
-
SHA1
152869568cb73f70c56ace164074394737590c96
-
SHA256
15b07f5cdf48bc280a5174d121aa82c39ecec6496f856a3927dca297c639509c
-
SHA512
3cfbde459ba2a88cda2d680bdb1d17298ae109ba27d9e24748bbdbc30cfbb3d1df47b91453abff1bd0c9718ecf4c3a6d289331cfc7fb214594d6eafde5141849
-
SSDEEP
6291456:d8mYS7lAOLRMIoXzpO0EbjEcs7Jfjw+ouXB8Pb:gS7lLLReUHLQpu
Malware Config
Targets
-
-
Target
nitro_pro13_ba_x64.msi
-
Size
227.7MB
-
MD5
06d03947343467c2171da13a7f2dce8c
-
SHA1
152869568cb73f70c56ace164074394737590c96
-
SHA256
15b07f5cdf48bc280a5174d121aa82c39ecec6496f856a3927dca297c639509c
-
SHA512
3cfbde459ba2a88cda2d680bdb1d17298ae109ba27d9e24748bbdbc30cfbb3d1df47b91453abff1bd0c9718ecf4c3a6d289331cfc7fb214594d6eafde5141849
-
SSDEEP
6291456:d8mYS7lAOLRMIoXzpO0EbjEcs7Jfjw+ouXB8Pb:gS7lLLReUHLQpu
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-