b96bfa86cbda44acf53a70c702327b2f5d5cef3023b0635f00b50f4a677f1426

Sharing

Copy URL

Twitter E-mail

General

Target

nipe.tar.gz
Size

308KB
Sample

230424-f1qylsbe5y
MD5

cfca158c7ce8caaec4483c7a3851f7fa
SHA1

6e08b9d87096115a2640432454cbb8a46bed0f72
SHA256

b96bfa86cbda44acf53a70c702327b2f5d5cef3023b0635f00b50f4a677f1426
SHA512

96c3f2c49f6eaaecb0e40d589bc9b5a8344a7890bbad7149032ef683bb9350dff238ec7eb66b286954b3e607a853d0258e760af5f4d1acd7bedec24dcb086a89
SSDEEP

6144:PBcJcH0uQhgdKY45oFxsqBph0Wu0HKsXnZwYbfnZ5sZLfdsGgHQcXsX+c:PB1NdK5CyJ4ZwYbB+sXC+c

Score

6^/10

Malware Config

Targets

- Target
  
  nipe/.git/hooks/applypatch-msg.sample
- Size
  
  478B
- MD5
  
  ce562e08d8098926a3862fc6e7905199
- SHA1
  
  4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd
- SHA256
  
  0223497a0b8b033aa58a3a521b8629869386cf7ab0e2f101963d328aa62193f7
- SHA512
  
  536cce804d84e25813993efdd240537b52d00ce9cdcecf1982f85096d56a521290104c825c00b370b2752201952a9616a3f4e28c5d27a5b4e4842101a2ff9bee
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  nipe/.git/hooks/commit-msg.sample
- Size
  
  896B
- MD5
  
  579a3c1e12a1e74a98169175fb913012
- SHA1
  
  ee1ed5aad98a435f2020b6de35c173b75d9affac
- SHA256
  
  1f74d5e9292979b573ebd59741d46cb93ff391acdd083d340b94370753d92437
- SHA512
  
  d6bb7fa747f4625adf1877f546565cbe812ca7dd4168f7e9068e6732555d8737eba549546cf5946649e3f38de82d173aaf9c160a4c9f9445655258b4c5f955eb
Score

3^/10
behavioral2
- Target
  
  nipe/.git/hooks/fsmonitor-watchman.sample
- Size
  
  4KB
- MD5
  
  a0b2633a2c8e97501610bd3f73da66fc
- SHA1
  
  0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4
- SHA256
  
  e0549964e93897b519bd8e333c037e51fff0f88ba13e086a331592bf801fa1d0
- SHA512
  
  5168643c1768ec83554a9066754507a781b6d14251a46a469222d462efc6ca87a72c90679154e8a723349c91e7772b32ac9b08dfe313cded0ee0a6f17885079e
- SSDEEP
  
  96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
Score

3^/10
behavioral3
- Target
  
  nipe/.git/hooks/post-update.sample
- Size
  
  189B
- MD5
  
  2b7ea5cee3c49ff53d41e00785eb974c
- SHA1
  
  b614c2f63da7dca9f1db2e7ade61ef30448fc96c
- SHA256
  
  81765af2daef323061dcbc5e61fc16481cb74b3bac9ad8a174b186523586f6c5
- SHA512
  
  473ad124642571656276bf83b9ff63ab1804d3c23a5bdae52391c6f70a894849ac60c10c9d31deff3938922ce83b68b1e60c11592bbf7ea503f4acd39968cefa
Score

3^/10
behavioral4
- Target
  
  nipe/.git/hooks/pre-applypatch.sample
- Size
  
  424B
- MD5
  
  054f9ffb8bfe04a599751cc757226dda
- SHA1
  
  f208287c1a92525de9f5462e905a9d31de1e2d75
- SHA256
  
  e15c5b469ea3e0a695bea6f2c82bcf8e62821074939ddd85b77e0007ff165475
- SHA512
  
  cb78aa7e9b9c146e5db65d86dd83f04e2b6942a06fab50c704a0fd900683f3b6ad1164e74afe2f267f6da91cdff0b9ab07713e12cefc6f8d741b5df194f4fda6
Score

3^/10
behavioral5
- Target
  
  nipe/.git/hooks/pre-commit.sample
- Size
  
  1KB
- MD5
  
  305eadbbcd6f6d2567e033ad12aabbc4
- SHA1
  
  a79d057388ee2c2fe6561d7697f1f5efcff96f23
- SHA256
  
  f9af7d95eb1231ecf2eba9770fedfa8d4797a12b02d7240e98d568201251244a
- SHA512
  
  7cfb0a58abed1915ee1b261a1c661c7e2deea4e9227f77f5875af1a25c82e19245ba12dcb2f5052d994d0e81a3465daf37f9d8c670e17f9c96742f60fdfaaa56
Score

3^/10
behavioral6
- Target
  
  nipe/.git/hooks/pre-merge-commit.sample
- Size
  
  416B
- MD5
  
  39cb268e2a85d436b9eb6f47614c3cbc
- SHA1
  
  04c64e58bc25c149482ed45dbd79e40effb89eb7
- SHA256
  
  d3825a70337940ebbd0a5c072984e13245920cdf8898bd225c8d27a6dfc9cb53
- SHA512
  
  e4dc204494f5062efa3032b00c64707a4f38978040482501b3e085f071e3ee5a9737d537e6a52002ceb4ebe2bfe09e555c5d969581e80b3eba2a922015c67960
Score

3^/10
behavioral7
- Target
  
  nipe/.git/hooks/pre-push.sample
- Size
  
  1KB
- MD5
  
  2c642152299a94e05ea26eae11993b13
- SHA1
  
  a599b773b930ca83dbc3a5c7c13059ac4a6eaedc
- SHA256
  
  ecce9c7e04d3f5dd9d8ada81753dd1d549a9634b26770042b58dda00217d086a
- SHA512
  
  cc98bbe0e3865e2023af04416e10689e3aecd3f3928cf90c2acc0d3d7306388886779025c8967c8ea198af1f4fe29d16c65d4e1d546c7a8fa513f5ba7df16850
Score

3^/10
behavioral8
- Target
  
  nipe/.git/hooks/pre-rebase.sample
- Size
  
  4KB
- MD5
  
  56e45f2bcbc8226d2b4200f7c46371bf
- SHA1
  
  288efdc0027db4cfd8b7c47c4aeddba09b6ded12
- SHA256
  
  4febce867790052338076f4e66cc47efb14879d18097d1d61c8261859eaaa7b3
- SHA512
  
  00d21d5d72386c3d9b5a1c36ba85201f730556a8295d4353af54af7892ab81010d42aff209ec1fda61c54e4dda3737cea5fda64f09d40ce5004ae28239565025
- SSDEEP
  
  96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
Score

3^/10
behavioral9
- Target
  
  nipe/.git/hooks/pre-receive.sample
- Size
  
  544B
- MD5
  
  2ad18ec82c20af7b5926ed9cea6aeedd
- SHA1
  
  705a17d259e7896f0082fe2e9f2c0c3b127be5ac
- SHA256
  
  a4c3d2b9c7bb3fd8d1441c31bd4ee71a595d66b44fcf49ddb310252320169989
- SHA512
  
  ee08c11fab7e896b2e09c241954ba7640338b12c75cd8040daf053c31b2f22236d7a0deac736f89d305236312fdb4f560a38d4d8debdcc9dcdd23b2d975907d5
Score

3^/10
behavioral10
- Target
  
  nipe/.git/hooks/prepare-commit-msg.sample
- Size
  
  1KB
- MD5
  
  2b5c047bdb474555e1787db32b2d2fc5
- SHA1
  
  2584806ba147152ae005cb675aa4f01d5d068456
- SHA256
  
  e9ddcaa4189fddd25ed97fc8c789eca7b6ca16390b2392ae3276f0c8e1aa4619
- SHA512
  
  50ec8a0dd98427e80a82a8d8ce44462a845876e1594c9d0e89483ce9a8aaad616edea0e5c45c1bb69d8fe7f520c6f2260d6fa350d77b400899c3ae375e965bfb
Score

3^/10
behavioral11
- Target
  
  nipe/.git/hooks/push-to-checkout.sample
- Size
  
  2KB
- MD5
  
  c7ab00c7784efeadad3ae9b228d4b4db
- SHA1
  
  508240328c8b55f8157c93c43bf5e291e5d2fbcb
- SHA256
  
  a53d0741798b287c6dd7afa64aee473f305e65d3f49463bb9d7408ec3b12bf5f
- SHA512
  
  586efb6a206f73d8a94561266153a624e2753830bc431a283bed998c46ac00a9df4995ddfd0aa852b1a22b4672c80f2c33cee3fe2e3321e392ff4cef26dbf75e
Score

3^/10
behavioral12
- Target
  
  nipe/.git/hooks/update.sample
- Size
  
  3KB
- MD5
  
  647ae13c682f7827c22f5fc08a03674e
- SHA1
  
  730e6bd5225478bab6147b7a62a6e2ae21d40507
- SHA256
  
  8d5f2fa83e103cf08b57eaa67521df9194f45cbdbcb37da52ad586097a14d106
- SHA512
  
  be3780974589d06eddba6fa0aa15a3e3dfe390e2827a1a6ae5cb83d6ac47e79ef9b1bbb53f067372f8dc70db0350d3770e78537fd3cfe734200ff824eca4cada
Score

3^/10
behavioral13
- Target
  
  nipe/lib/Nipe/Engine/Restart.pm
- Size
  
  369B
- MD5
  
  62712874a11ebc9e264460ec87eb4748
- SHA1
  
  79a853414bc806798470b7286e8f6197c95a0708
- SHA256
  
  a1470fcce6611ed0e5d5f398d5046656af1e866a7c15abd521ca3ec58ea79b19
- SHA512
  
  68bf190ad59d5ae68135b750f0ad3b0b5dca62a81e79072d311a211fcbb5535905a98f34207926aa4bb68305b9d9df611eebc8c39dd4cb68919a7ce07dae2cd9
Score

3^/10
behavioral14
- Target
  
  nipe/lib/Nipe/Engine/Start.pm
- Size
  
  2KB
- MD5
  
  38efd55ffb2f991a27c9e1dc4e409658
- SHA1
  
  45b5dbc2855af95606c1ac34601f961b5922a5c0
- SHA256
  
  f937f0c60b981afb7f1cd56bf75ca7c4e875f26c67f7faf1bf3ccf9055ba1dc2
- SHA512
  
  ead5742a1675fe3457bf4d4c133cfa62e367ec666fdbec770ef21f5c105eb36ffc58833bd54ed006edc539961ea4c5b6ffaf522a512f1570f1792d73a07b5c4c
Score

3^/10
behavioral15
- Target
  
  nipe/lib/Nipe/Engine/Stop.pm
- Size
  
  553B
- MD5
  
  9c8582c571048a6a6cbdf69223064005
- SHA1
  
  ba850db39d8306bec97ca86c12a29b9591fe7344
- SHA256
  
  89e2fe92757b26a35a9f49689cd4ac0eede35fc706251f1727b76c924aa0f8c9
- SHA512
  
  5ba7939280ce4156a4660a8facee9c50f93564ab30e2a719d059a2ddd602ae0089b1d296a4542b416980a2f3e4f5d54281f75eb87d6bbf0ecdfb4ed44eb426d6
Score

3^/10
behavioral16
- Target
  
  nipe/lib/Nipe/Utils/Device.pm
- Size
  
  807B
- MD5
  
  bd007f962261ad11ea750e541f0d7d62
- SHA1
  
  c87fafba6994533ada8aedf8cad33e424c85fbac
- SHA256
  
  ecbaac3466137dab3f177d977d5a7d62a9268d3ce636fc22313a51172c56a208
- SHA512
  
  13cc948d773728aaf48fb23d3b43b77eb9223c222fb59cb1b7d308d0d990b15de3ce54745ef846e07c85effbe7e10ae01ad3b02ec294a52b78b5d79ab79f29a6
Score

3^/10
behavioral17
- Target
  
  nipe/lib/Nipe/Utils/Helper.pm
- Size
  
  389B
- MD5
  
  13647cd84176f3b4bccda32a111ba74d
- SHA1
  
  394a8f80ecff314c3089fcb9aaa62d5583abd232
- SHA256
  
  20db3c458f67b85476e83ae160b27f55b612680368a7e93a9bd4b7fc40467bb8
- SHA512
  
  a912297cfb56eb29800fd5b2405250f29482d141028b2a2693456ce063d644adaf638028f9e679f07b80010cb06621b29d8dd2c56697939c0a0a8f8258043897
Score

3^/10
behavioral18
- Target
  
  nipe/lib/Nipe/Utils/Install.pm
- Size
  
  712B
- MD5
  
  a4cce8890500c13c5fa6c31f4f25c68d
- SHA1
  
  545034e571e5d7dd686c09ade7348c2bb2f5eb2c
- SHA256
  
  0ab587af1642373ef50d9f0f4d79e3ee6e7bd01c3c558bee7dc86762caee2dd1
- SHA512
  
  f6c42163d2887552989a092b8c401ad3fbf43f5e195d499b41537cb29d356112720bd1b67712d1ac2d2eee3a6f3c508fd80ada85f15eddde81a483ce8c29b32a
Score

3^/10
behavioral19
- Target
  
  nipe/lib/Nipe/Utils/Status.pm
- Size
  
  568B
- MD5
  
  f602c2411d0dee06165a48e340de3907
- SHA1
  
  9b30c2f69711edd7cf64247f2dbe1914e8500fbd
- SHA256
  
  12bbf8a13f21956bb4228ba7252e3e73d82cdafbba04b9f62aacfbf6bc419dca
- SHA512
  
  7f5762557942a92d96270b71c4459343de76d6f919e3bc9b0dd90be2d49c1d50428b469834f7fd5c15d73173eccc39dad261232d16f9883d7839f343866d1152
Score

3^/10
behavioral20
- Target
  
  nipe/nipe.pl
- Size
  
  858B
- MD5
  
  de395c7c09f074029340c211fbe5cb24
- SHA1
  
  c43966902e9ac1be31a26d476a2ef11341c5f42f
- SHA256
  
  3b6bb0d5af6560fa59c55ead1fc1343ed352601f3b6352f914b05793dec4f254
- SHA512
  
  1ba811ddeec27d6431dfd4b4296f50e442849dc52e37b49d4794392f18693284c36965097cd2dd4654e05cf6f963a76230e98fd499c21383f312d1cc56b3a735
Score

3^/10
behavioral21

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Looks up external IP address via web service

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21