General

  • Target

    nexus 2.exe

  • Size

    55.8MB

  • Sample

    230204-jynl9agb8y

  • MD5

    f7eab07881c292e598092aa4e8ab2587

  • SHA1

    5615682c5a3ce867b8e4eb3aba3587bf47d1ec81

  • SHA256

    26a8e6eefb6fc4af27b8b6199c561a9adc61254c7bf1bae9b3d5855c9f88721b

  • SHA512

    975287fdfadfb36d5e96bd9a5f86726ea87f9e22b2b0f93453b788722ed49278a6d156d786a1b414ef42a8ee157c260efb7788af2b367bdcfbf6c6dad0b6ee06

  • SSDEEP

    1572864:dbP85mB7YYk0HsIO63WNpBAIsEZtw3oApB/TjgkL+Z4IQvMjRTyDO+u:5P3dJMoWHBFLtLmpfPqLQkjwOL

Score
7/10

Targets

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
