Overview

overview

6

Static

static

1

ninjarippe...pt.zip

windows7-x64

1

ninjarippe...pt.zip

windows10-2004-x64

1

ninjarippe...en.txt

windows7-x64

1

ninjarippe...en.txt

windows10-2004-x64

1

ninjarippe...ru.txt

windows7-x64

1

ninjarippe...ru.txt

windows10-2004-x64

1

ninjarippe...ut.lnk

windows7-x64

3

ninjarippe...ut.lnk

windows10-2004-x64

6

ninjarippe...mp.exe

windows7-x64

3

ninjarippe...mp.exe

windows10-2004-x64

3

ninjarippe...ll.rar

windows7-x64

3

ninjarippe...ll.rar

windows10-2004-x64

3

ninjarippe...ll.rar

windows7-x64

3

ninjarippe...ll.rar

windows10-2004-x64

3

ninjarippe...ath.ms

windows7-x64

3

ninjarippe...ath.ms

windows10-2004-x64

3

ninjarippe...mr.zip

windows7-x64

1

ninjarippe...mr.zip

windows10-2004-x64

1

ninjarippe...l69.ms

windows7-x64

3

ninjarippe...l69.ms

windows10-2004-x64

3

ninjarippe...1.3.ms

windows7-x64

3

ninjarippe...1.3.ms

windows10-2004-x64

3

ninjarippe...ea.txt

windows7-x64

1

ninjarippe...ea.txt

windows10-2004-x64

1

ninjarippe..._sf.ms

windows7-x64

3

ninjarippe..._sf.ms

windows10-2004-x64

3

ninjarippe...er.zip

windows7-x64

1

ninjarippe...er.zip

windows10-2004-x64

1

ninjarippe...porter

windows7-x64

ninjarippe...porter

windows10-2004-x64

ninjarippe...ter.md

windows7-x64

3

ninjarippe...ter.md

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ninjaripper1.7.1_with_new_script.zip

  • Size

    3.9MB

  • Sample

    230323-ath2jacc94

  • MD5

    72164663dee1c1a03d6015a93a581fb9

  • SHA1

    456f7b0f7996aedc02ade8cad0c6829c626b3bba

  • SHA256

    9239d766086757a9d1be4689371b1c0f48cf13cdaf8fc4d5655716eb914aaae0

  • SHA512

    1f445145067c29535503a6a10e2afb42a957104382953ae8ece564dfe17ca5e9fdbaab34a5676f4a98d48f5175ac855f648fc5fc9862d756f8b719d8c87305ef

  • SSDEEP

    98304:2YzlwGkdiWOXX+zFpTm2LMlPtsr+WbbJ9QUL8c0xC6avlO0QP4j7TG+RRRDmE:nwGkdiB+zFFWPtsr+SJ91LR2a00QAVmE

Score
6/10

Malware Config

Targets

    • Target

      ninjaripper1.7.1_with_new_script.zip

    • Size

      3.9MB

    • MD5

      72164663dee1c1a03d6015a93a581fb9

    • SHA1

      456f7b0f7996aedc02ade8cad0c6829c626b3bba

    • SHA256

      9239d766086757a9d1be4689371b1c0f48cf13cdaf8fc4d5655716eb914aaae0

    • SHA512

      1f445145067c29535503a6a10e2afb42a957104382953ae8ece564dfe17ca5e9fdbaab34a5676f4a98d48f5175ac855f648fc5fc9862d756f8b719d8c87305ef

    • SSDEEP

      98304:2YzlwGkdiWOXX+zFpTm2LMlPtsr+WbbJ9QUL8c0xC6avlO0QP4j7TG+RRRDmE:nwGkdiB+zFFWPtsr+SJ91LR2a00QAVmE

    Score
    1/10
    behavioral1behavioral2

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/help_en.txt

    • Size

      6KB

    • MD5

      4ce3d676a98688ada50a2f708518eb06

    • SHA1

      942ebb3286bc7a890346ef04b25f970a7f974171

    • SHA256

      77644f37b055769b830a88c872577fdce3ce9ca3af392faa1f77b0ce642be6f1

    • SHA512

      936df07fbebbbee3bc564f54bef9e59f05f4215cea46be6d2f7d7b96ab274ef5d2d6ac5539d11896fb05f4357f9e3c7b94ae9193a4409857d9b4caa5f2636e70

    • SSDEEP

      192:BxecAaI6Feie0eWRkgWR/zQr99I1K9TLFOx1096:Bxeca6Fe2eW2gy/zQJ9I1K9XFOx1c6

    Score
    1/10
    behavioral3behavioral4

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/help_ru.txt

    • Size

      10KB

    • MD5

      30228788f6d7c3b968e1e7eb2280982a

    • SHA1

      fba7fc5908fea43795bb7c7c61b1b29714f35e38

    • SHA256

      9c92a6e30be0b9f6d664075a3a34a06d9ac2f3249831a07f7aa97434a78dd502

    • SHA512

      c2f389cca138371cddb3a5aa455a076231056679fcff0e2c22461f9f740c72346f4cdf4adbf485fd3539505a17b42718cd1b6c243b24b3275286fd919c4cbe45

    • SSDEEP

      192:l4Z4m6mMQWFS5eSVUHFXlkwjYi3z316SvPvGsqXaAzG+ZIiB7Cp7gFjTaFjqMe9:l4tMtFg7kj9XvG5s+Z1RM7e9

    Score
    1/10
    behavioral5behavioral6

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script - Shortcut.lnk

    • Size

      1KB

    • MD5

      bb0b6fae433435404f162d4b3f317162

    • SHA1

      8866a0b41474b87de40ada8fe31b94e89b43114b

    • SHA256

      c457689a53c93d47f40c926bef87f3dffe7e67b38bb88b9163a6937f6d3c4890

    • SHA512

      1997628719d7e62081e237711f3115b74d900e77f7651435ee64e5ba562634e293bdde0aa19ee663c55e22a36f26146ec2775216772de348af30f440913ae33b

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral7behavioral8

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/ripdump.exe

    • Size

      111KB

    • MD5

      8d609911365949348777f5db224ebd75

    • SHA1

      78a047d2dc6980c0c453c404f13fa13756a1123e

    • SHA256

      1e6c5b07d3903ad9e1a715b4585e4d7dd1ab3995652fddea6f01ef4413f032af

    • SHA512

      bebb763fba396eb2a68434551ef8ff83e9f4fd47ea4cb84662e895f4342b841353a4ee918accd1bc95ad5420255e0fd0716844d9eaf84cfd22090215b2f43a20

    • SSDEEP

      1536:cw8sBGZ2acw+VWXEzzeOLOiYMJyQnsOxfifc7pesWjcdL+f+uXBdM:qqGEzTWUfZDhqopBL+fpf

    Score
    3/10
    behavioral10behavioral9

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_GIMS_importer/EvoGIMS_manualinstall.rar

    • Size

      2.2MB

    • MD5

      d60fcc515b25b17fe20249e91dc97cc0

    • SHA1

      495104a81736240f8f9fc54ece428fab7e1e3c00

    • SHA256

      c4d0978ecda8b0afa722d943693be1d8133aa4f55874ad3817b725d03749ff86

    • SHA512

      6113f71d9a12fe573cf9d313b834111411ae5dd872e9e4f2a036ca54eca11dfc434e156285659db982ffe53fdcf668ca2754737a78f3ccc7b05bfce23b975449

    • SSDEEP

      49152:EzSeVeGkYkiWv2XX+z758eppC0Bm8VLMhTMstpmrRJSCMBqRbbMZe7:EzlwGkdiWOXX+zFpTm2LMlPtsr+Wbbt

    Score
    3/10
    behavioral11behavioral12

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_GIMS_importer/EvoGIMS_webinstall.rar

    • Size

      54KB

    • MD5

      c8a6e9895a188cebd0afe7b9476eab5f

    • SHA1

      0ba8b1ef3209857f5d387cd2524765b9799bec7e

    • SHA256

      55964db21d610d79139c533303d336f855c9b709a9cfa5d1541a909946b87f19

    • SHA512

      309d17e0d1caa791c7f81fedde019a5e62cf5b5e1fcd878d7b16d25c3901e98acf5ee67bb7c7f24963070a73832e1c917ee9402fba344bbb9501d3b0dfb07e89

    • SSDEEP

      768:Tuu11RYB3uGtQZFtg5YioMmw+VKnIW+niTcnWqC120eWaV9j5MHt1u2KMkwTK9L:TrIB3uGtQU9aQN+nc6WpreBO34MJTuL

    Score
    3/10
    behavioral13behavioral14

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_GIMS_importer/ShowEGIMSPath.ms

    • Size

      585B

    • MD5

      560a4e963f0edba3821de222e5587085

    • SHA1

      622f4ae5efd0f69ce83874a9639c060a92e90dac

    • SHA256

      7fcecfab81e1a92b5c5b54c59bf625d48e628500cd0736665c8a34f4ff8b9934

    • SHA512

      1014ab1c61a87d8e02a8a293f8de5cf4aad54ab89c830d2a5dcb6317e2a5213e29d6e5f3c95990593f55aa6159c2ad2c605ad3d55120f40d4f9605ee32bc682a

    Score
    3/10
    behavioral15behavioral16

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_GIMS_importer/nrImp_3Dmr.zip

    • Size

      7KB

    • MD5

      15b52f6e601296222eabdb35c26401a4

    • SHA1

      66a7d6d02096f25050d3b39e01e1e579320b4973

    • SHA256

      e3fd3ce63569c9bc78b679e82e166f0426531a686082b64d187266b1a5c4c4fd

    • SHA512

      e259cf61c18e76075c66dbeebf4475528d4ff2561880d25c40bb8e43292c9c35e242b77f904dcee4df60631320d6bc898b8fb979c64a1d5b34334cc2fd3d9a8a

    • SSDEEP

      192:7iqmEdcJHYi33jP6E7P6cpxhx7mljgAXQp+Fao8p4s:rteHYa3mEztx7mVXQkdPs

    Score
    1/10
    behavioral17behavioral18

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_maxscript_importer/ninja_importerb7_cl69.ms

    • Size

      21KB

    • MD5

      1f7a51d121613aade3f1094a5e653d43

    • SHA1

      7321a3e07709fdf4f16c3fae3109dc6ff4f4b8c6

    • SHA256

      b8feff8285bec9617cabf0c5c2b196cdf83255bf540b8e12e6a83e5359619ee0

    • SHA512

      71c8c2c083cff74460481a32e92bf16ea6b34ae758f7d739204f328c4504122f07034e2b6500c8051c5e28e63fcad54f092861d7c7914245a98c39bb46c57384

    • SSDEEP

      384:wF1s+Hy2Zk85s8I1Bo8uZD7vOl6eH2hCDchZ++sVebWGrKsIPaiXrlGg:wk7L85s8VjO5H2FmiWJs9+h

    Score
    3/10
    behavioral19behavioral20

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_maxscript_importer/ninja_ripper_1.3.ms

    • Size

      18KB

    • MD5

      cf0cbb596fd1ba36282c61c0283f31ba

    • SHA1

      4f86042e06a318197a0f7af8bce0f5fdc9df8031

    • SHA256

      552e9f63d32e86379c68cc865a0ba297a8f7fada90e02fd41c95f28d19ee8f2f

    • SHA512

      559e313c08efb8cbb823a9fda278ed3c08a5aa7ab89e17a20ad1ae76efdcbea402e6843cf580064d027f4ce03e32d300f7cfb18bb3fcefae07b02898faa71970

    • SSDEEP

      384:FQvc+Hy2Ck8vs8IIAKo8uZDPvOl6eOLFeBhZhvGWGdsJmrKz:Fx7u8vs8I/O5OLFe/GWosOg

    Score
    3/10
    behavioral21behavioral22

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_maxscript_importer/readme_for_ninja_importerb7_cl69.txt

    • Size

      879B

    • MD5

      d36ecebc78095c664be107b2c7fbed40

    • SHA1

      0f86a6333216d8a1dfb728cbf4feae819b681286

    • SHA256

      c2918cafb234a5d866a745323da94f0532cf305d3d9a94bb465bd17d43545c4c

    • SHA512

      64560018e3760855a976b493921584f9b710f507050292199806be0755180372552ba8ade1f83c0a6ca72e1a41e0d262abab0dc387d12fdd780b655097e61d54

    Score
    1/10
    behavioral23behavioral24

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/3dmax_maxscript_importer_sf/ninja_importerb8_sf.ms

    • Size

      32KB

    • MD5

      a50939ba9f37bad225cdbf9e2f9dc9a2

    • SHA1

      70787f596d767366e84d91551ce4070faa9981fa

    • SHA256

      363114b3dd1f6be5c541e367c990c1d4f23317917c28afbe7f2e461e06776c65

    • SHA512

      71adfa2e4dfb43c1e3d6b67ebbe60b342c50f17376364d43452e7d8e0959df55d1228552bb41d6a60309d2fbb53a8add4e6a577b35c81d0847f9cb4ea019df3b

    • SSDEEP

      768:w57L85s8VM85s8WO5HqLRFmiWJs9+vslYI:S7L85s8VM85s8WOOmiWJsovsKI

    Score
    3/10
    behavioral25behavioral26

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/blender_ninjaripper_importer/blender-import-ninjaripper-master.zip

    • Size

      15KB

    • MD5

      f550e6a7f40e21d35f2d65402f829108

    • SHA1

      0e41e7a9bbcaf65532cd873f14bffafce73abfe7

    • SHA256

      503565f44c2f71ad73e3d745c85e57879327cc94d4e8ebf17b6e056547b03493

    • SHA512

      e4f47dd3dea3514699556e0dcb3e2f285999c257622ff053060c8b4969e06d62f8417f42803ab04e34948dfb4e2380ad4b634f0e0b4230d6b9f7a11cd4d8f9e6

    • SSDEEP

      384:KjA21gQXCBfmijlaPn6wdXcqKfUyLLfl4WRr61:KJzE+ijlun60XUfUyN4Ww1

    Score
    1/10
    behavioral27behavioral28

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/blender_ninjaripper_importer/blender-import-ninjaripper-master/blender-import-ninjaripper-master/LICENSE

    • Size

      14KB

    • MD5

      4641e94ec96f98fabc56ff9cc48be14b

    • SHA1

      db95910cb27890d60e596e4c622fc3eeba6693fa

    • SHA256

      d8c320ffc0030d1b096ae4732b50d2b811cf95e9a9b7377c1127b2563e0a0388

    • SHA512

      bd6aecc82d6894394ca4d871e96f68a36f8e84b56d764223d1667e358123cbfc30eb0b85922c406002dc1c400fa4dfb9a0afa9d43d3f3876a4ecdb8a8e85a1f7

    • SSDEEP

      384:ghUwi5rpL676yV12rPd34ZomzM2FR+dWc:gmFWixMFzMd3

    Score
    1/10
    behavioral29behavioral30

    • Target

      ninjaripper1.7.1_with_new_script/ninjaripper1.7.1_with_new_script/tools/blender_ninjaripper_importer/blender-import-ninjaripper-master/blender-import-ninjaripper-master/README.md

    • Size

      171B

    • MD5

      659024ffb429bc8926bf86650a71022c

    • SHA1

      44e464a271ff696f747369dacb80388a2d2bb1f2

    • SHA256

      81435b1fc909fb0a8443382eb2d6e5e7bf1e463ca4416de3d8d9e26debe91f68

    • SHA512

      531000bb035a9d713d0a1a994e429d32f5740a51a824dba03e36fd64db0f5cd3e16f39bf20d16d91fff55a4b212b8b315c0c5bd1dad408ded98c1e3ecaa76b38

    Score
    3/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v6

Tasks