Overview

overview

7

Static

static

Nervercrac...I2.dll

windows10-1703-x64

1

Nervercrac...et.dll

windows10-1703-x64

1

Nervercrac...ck.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NerverCrack.rar

  • Size

    1.8MB

  • Sample

    221201-xz3dpaff7x

  • MD5

    f38fba93e25b2d8fb93b7362776600c5

  • SHA1

    07402536cb0dacf2cebe67b0e5b3d96be7fe031e

  • SHA256

    7aa0554ab54976cd63b1bdd3ebb55cfa86cb7e335d60d70064f040b95fea9317

  • SHA512

    95318b2251831417b33266d8e245c774734bd72ab1708477e8e12af0e45079f4a5e3d1840444a86dc06f20c76317595f87ca74b2d66a43264d142e9676176ee2

  • SSDEEP

    49152:wQqZ8BMMYsMPG7b0mzTrGmK1CWpJd5of+PKD7OzqBCW:wQwgMVsd7XrG17H5Q3V

Score
7/10
microsoftphishing

Malware Config

Targets

    • Target

      Nervercrack/Guna.UI2.dll

    • Size

      3.8MB

    • MD5

      846a7e5993282e220b26b82e7a39a40a

    • SHA1

      e37fe15d2fb33753c042e16d1d008d412e7d99e7

    • SHA256

      5613682635617cd43720807448f69b10090932e8571a358b92361d2a2c7a4597

    • SHA512

      fcf608391d7f8406bb538aca0e9dafb804cceda6c590dcd98d684645bc3bfc0c1d43455a74854988b4b30e56a68ef8be886e92e993f1504b49f0e4baa1c0cc0b

    • SSDEEP

      24576:d1N5YmLfrTboUFM1dFqgWy/KKu7wG0Q/vtDyaBhTDs1l+zTdE+LHQ/jz4AN3KC:dLDoUFmagPKKu7wG0QHBTal+fa+PAv

    Score
    1/10
    behavioral1

    • Target

      Nervercrack/Leaf.xNet.dll

    • Size

      2.1MB

    • MD5

      0790fca561903af0072c8cbd4174677d

    • SHA1

      a349c2c9403710ba7d1703b7bfa4e669e8ef1ea8

    • SHA256

      bfc64e7e66f52df7cadc2a78ae5a42073ba675aabdafd336a8f93d12aad4e4bc

    • SHA512

      27c01f3db8bc8196a7c8fb7e70463efc675b4f8c87b37204c753c46383d9a98e8d9a784920af224afe853e9a42da03d4de18e211695f7d1033456f3d796d9795

    • SSDEEP

      24576:iiZKezCQfFMNAgNWzJ2ms1+HFe2EBm7wTJDa4wavMVHCLzgjK:LmgH8gj

    Score
    1/10
    behavioral2

    • Target

      Nervercrack/Nevercrack.exe

    • Size

      322KB

    • MD5

      7e8154327d1a6ae2a0d842619a2e01e1

    • SHA1

      149909ec2abe7fea5e3841faed124f187fef1ceb

    • SHA256

      7a52c29bcf81b8304a3eac7650c83d6461d62d5b87f3d7ffba901590527e9e2c

    • SHA512

      8c0a49ca28921286ba032e11687f974ec45309c9b4317e79bab868928642e87069fc6df8772964ab559d2e17f8f69668b94bf9544ef2bbcdfe9fd691410c3cae

    • SSDEEP

      6144:KxciWS+6p++aP6M5V9OycTghVEaDYSlodLqMkSTYhPHr02:KxciRry5X5/EDdNePHY2

    Score
    7/10
    microsoftphishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks