8b5c95473c998e8a7c30103ec376109bd5a611167c069841377e932d3a4764ad

Sharing

Copy URL Twitter E-mail

General

Target

PACK CFW NINTRICKS v16.0.3.zip
Size

20.6MB
Sample

230515-a7hypagd6v
MD5

e775591a792270414e1f665f4937d5f5
SHA1

abd50bafafb4a417f320de8fb6df5a6bea39050a
SHA256

8b5c95473c998e8a7c30103ec376109bd5a611167c069841377e932d3a4764ad
SHA512

5e242469c145527c2948c8e5a0cb7e3291cfceb74df90fc98632777318d14fd57aa6d31d3c62571e2a564ea89d193398d938ff86ea28253a51a96ddcf8864817
SSDEEP

393216:fU2yZib9429dY1+4osIa3qNfvJnfOeFfOnbYqHfOHUNU6kbHUEHuLW5I141iiFjL:8dKGUdY1HosIdBvJf7uX/v5LL0I1UiML

Score

7^/10

Malware Config

Targets

- Target
  
  PACK CFW NINTRICKS/Canal de NinTricks.url
- Size
  
  123B
- MD5
  
  1d968bf2ee8d67ee2617a003f9517602
- SHA1
  
  1868a981fcfcd5fa531dfdd0e2307d6734b2e5c3
- SHA256
  
  2d08460ea6b4c0e63b4eb18a65ecae930f7c3602e1984acb468a9e2d45cef7b7
- SHA512
  
  84d230a9332e34651c8b285008225f628f2465ffea89f0c01844d399bfe63cc6721fad69930bd3947dcfc61b17de6042755d1f5f2467bb7379d68d9f76178a48
Score

1^/10
behavioral1 behavioral2
- Target
  
  PACK CFW NINTRICKS/Comprobar Mariko.url
- Size
  
  128B
- MD5
  
  ba9e75b52984c514b811a577d2e23744
- SHA1
  
  c005f733d1d0a22064cf54235dc997bd320cd0ae
- SHA256
  
  bab6a3d1e59dc966048cd6ce9f8dadc111ffbb9e96cb03735e259a1c0ff7c75d
- SHA512
  
  abce7388da7e8444a5f10d1f118b4901b9bc406baa95de114baa8ba3f972a5552c4b2eee5ad2ddcb36af43b6bef55c082af9222c7953a6cdbfbca872800441ed
Score

1^/10
behavioral3 behavioral4
- Target
  
  PACK CFW NINTRICKS/Diccionario.docx
- Size
  
  15KB
- MD5
  
  e36920b944e5a7ff574262bd5e5cd72c
- SHA1
  
  7bcadfbb4629e690fe3d86a2d5b6b9761c116f0c
- SHA256
  
  69242b6254dc05e88cb434c1aae943aeff04a8a9abc190ff849400dab9364b1e
- SHA512
  
  8c054fc5af473d9b4c32dfea84786849c64fd39fbc1aeb408ebd7b836f75df9fe21ad5b55b1b9240df267a549841d8a62d50d90744d68dc522feb8360507ed86
- SSDEEP
  
  192:jh7hMsx1TmcoVUSiKjORo76o4hF57qA9eYzEeB1SqCalA1CjrPvyUUwnZGkFh:dtqV1ORo7CfqA9eYzhS3alA1MqUdDh
Score

4^/10
behavioral5 behavioral6
- Target
  
  PACK CFW NINTRICKS/Enlace al tutorial completo.url
- Size
  
  163B
- MD5
  
  98c56dd26785dd432bde8e8b8324f38d
- SHA1
  
  07264a69e61df4bde920830949f483cf9e143e1c
- SHA256
  
  a45a53f44f60afd8baab62ca27b3731cfa4c979240102430f20e033250e9e79a
- SHA512
  
  7226a7408abb9ed12159fe99be4f1a68a39abd013e5a2bad9eba01a5c85f58d34850f0ceeaa16dfa3b14db2a80f86c3fea190bcc9ba2a044a27c0b286e97c4b9
Score

1^/10
behavioral7 behavioral8
- Target
  
  PACK CFW NINTRICKS/Hacer Jig.url
- Size
  
  128B
- MD5
  
  9e794192537853c1ebdf18b69779d9e9
- SHA1
  
  38134d3d9a1d071b45a2f4b3b976aa6a292eed44
- SHA256
  
  caafb86608aaf26967a53cb38036d4310abca915578401edbc467191a2829664
- SHA512
  
  ffd1ed928afba45df409e9984df2b96baa073a8eb4cb2caf7a5feeaf32acd388a7cb62f6aa61b5d5643ea72ac8eced4487154c46a84ce83e44960829706906fe
Score

1^/10
behavioral10 behavioral9
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/TegraRcmGUI.exe
- Size
  
  975KB
- MD5
  
  639acd0f409eaea72330845066865a3b
- SHA1
  
  0e1395bac3989286a25016811798655eea50031d
- SHA256
  
  1687c9c74aacf526a3c64dd8fad7d17789bea3a10de3f8ca3f005ada6e3df29c
- SHA512
  
  a7c4367c116e22f484b2b08b9d833f75dab3aecf23eabd2bb51523ccba41cde1f93188dc8e2280710f9f554738bda75848f42bb85a3274fad741b2b67272bc93
- SSDEEP
  
  3072:9xMmQ8UqDAAWbtQnL86sGV8NdUwUAIlnDCJ+uYM559j02FSpvt0TV0My+h1+Rhil:grXL12wanDCJ+bMJTVWj3
Score

1^/10
behavioral11 behavioral12
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/TegraRcmSmash.exe
- Size
  
  573KB
- MD5
  
  427f6e38aa4dc8f3a15a2a6bbec55df9
- SHA1
  
  e34d6b1f8f316ec596ab19490d4a6363d33dbfcf
- SHA256
  
  f939cb8780bf632294d717998afee8146debf3f1251fc0432930fe4a74b815ec
- SHA512
  
  3779e2ceaaaf1808ea8aaad50bc71aad0bfaa950e24362127c6f774901ff26f9f2c4bf01c0484ed476cae06af95e4859baf819cf1046d001ffb54e10a2804764
- SSDEEP
  
  12288:PkK4GS0txzaPekdF69cT2oHLQrPLQuBPnv6h:P749wkb6qTFLOPPCh
Score

1^/10
behavioral13 behavioral14
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/7ZDP_LZMA.sfx
- Size
  
  97KB
- MD5
  
  e2effdd038f9e02999734e4a324311c8
- SHA1
  
  d84ef5a0069658e495c94ff24476da355f898655
- SHA256
  
  530586353f8980a22e88b6bfe7ebd527f6353f883736672858005e607febf6fa
- SHA512
  
  84b350f6bbadb55e59b5b358d48a74fa2a7535cccf0cf54219c861dbbc59992bf9f99659901a0164da82c7b2d2bcc8582c70c143c931c8b5f0690ee9da8ccf5f
- SSDEEP
  
  3072:ctN1OboawXPVlSEGSi26TdmUnJi/Zz4ftU4u1:WN1SoZfz5GSirTdBnI/Zz4fGp1
Score

1^/10
behavioral15 behavioral16
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/InstallDriver.exe
- Size
  
  3.6MB
- MD5
  
  b1d6b1a6c57da8fb5359c3e1d5340360
- SHA1
  
  82c5450a3afb9e358e249703c712b51e148c46b4
- SHA256
  
  37f79489242857810416f5ff88068f0e101e6b25af7c2476e8821c5725561be4
- SHA512
  
  872ee97b7647c3884a1c27e295131dfce1afc52d332616fbc9c1d50f283f11de1addf28f9740623304b97ec7301d38a1dd65bb6fed549bdb735f3d959b62b9e8
- SSDEEP
  
  98304:WZtzSL6E9NkSy38jWLMMMyziqcrX6G5ijWAKJSQktZi+0:WTOWCkPzXeqE3ijWC0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/dpinst32.exe
- Size
  
  900KB
- MD5
  
  30a0afee4aea59772db6434f1c0511ab
- SHA1
  
  5d5c2d9b7736e018d2b36963e834d1aa0e32af09
- SHA256
  
  d84149976bc94a21b21aa0bc99fcbdee9d1ad4f3387d8b62b90f805ac300ba05
- SHA512
  
  5e8a85e2d028ad351be255ae2c39bb518a10a4a467fd656e2472286fee504eed87afe7d4a728d7f8bc4261245c1db8577deeee2388f39eb7ee48298e37949f53
- SSDEEP
  
  6144:EZtaKSpwmx5ATm/LC3fwf3OoU9xkYSr/mdBTRhKWIjsRP/1HHm/hHAM8i6r+LyIU:EZxSpwmxvL/f3vCN1PMaLi6rAyIQjF
Score

4^/10
behavioral19 behavioral20
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/dpscat.exe
- Size
  
  36KB
- MD5
  
  eb7409d7cd6e8d8edec5e3209385f88a
- SHA1
  
  31555fc8fca9ee669a82dafe4b5876900877a61d
- SHA256
  
  7a40e13568d9a4e33fb7ed34dc0abd21a9c097beae9c0e4ade3b99f05a0f60d9
- SHA512
  
  4038ad98ac4550daad41011de597c54a57f923b624c9088f52ebbbbc5822466959e08d00d9276a35c78133807b22613a52811a7517629a16e93a52a041b44f4f
- SSDEEP
  
  768:z/KwzwA/e4BFPfLRdM1bl2kZ6Z8X2KgbzD:z/5wA/e4BFPf0bq82F
Score

1^/10
behavioral21 behavioral22
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/x86/WdfCoInstaller01009.dll
- Size
  
  1.4MB
- MD5
  
  a9970042be512c7981b36e689c5f3f9f
- SHA1
  
  b0ba0de22ade0ee5324eaa82e179f41d2c67b63e
- SHA256
  
  7a6bf1f950684381205c717a51af2d9c81b203cb1f3db0006a4602e2df675c77
- SHA512
  
  8377049f0aaef7ffcb86d40e22ce8aa16e24cad78da1fb9b24edfbc7561e3d4fd220d19414fa06964692c54e5cbc47ec87b1f3e2e63440c6986cb985a65ce27d
- SSDEEP
  
  24576:GjG90oN2lj11mk/22yYzGrarZRm4X5Uh6rVh5LdfBwOyCSQM1fFhSWRA2+:iGtN2h1120R7m4XShYVxfBwrC21fXSz
Score

1^/10
behavioral23 behavioral24
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/x86/libusb0_x86.dll
- Size
  
  66KB
- MD5
  
  535779909a40b42f4f3e48598f5778a5
- SHA1
  
  3a238468009a6dea3e4f70821339185e56ea3b69
- SHA256
  
  00caca07869b19d10b370552ac7cc2f6f2ee246fc15db11650f6cd3f4ef9b666
- SHA512
  
  723b42c3df960f031343b9bb74a55ab874cd1f740a187a58bfecdad78876dd227392f18f6faea33e743593511a12635ef6419bb68d4361c6631584ebc8838e80
- SSDEEP
  
  1536:oy92wLYdq5fSmFBkg9uiMNoRP/RzojE5h5IlmkOC+ziUqT:ozwLjtSIi8MNoIjCh5IlmBM
Score

1^/10
behavioral25 behavioral26
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/x86/libusbK.sys
- Size
  
  41KB
- MD5
  
  1f17dfe26285cf9971e55ddff915877b
- SHA1
  
  4ca41a2dc9cb5679c917035b64616333f09e1be4
- SHA256
  
  6265ae9ae5c49f515613f0b749ad8390a1b34ca326203318bffeb6c2c281d2d0
- SHA512
  
  e1e6c186307917a6d2fa641bce96e71d15a79b80ce48a74b241bb020e6b1cdcd94c9e65a32283ee86dce3fd3bbf9161a50e6b8445859a368be848e71686a6377
- SSDEEP
  
  384:ZHWvOrIuIlUc5lxC2SwbckkmFsTHczYjmxgUSI27EO0A0BoUmROX1GuOLRJ5MdJI:xMl5lUc5lxrtzqUSppOEhLRJ5kkAKgXC
Score

1^/10
behavioral27 behavioral28
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/apx_driver/x86/libusbK_x86.dll
- Size
  
  82KB
- MD5
  
  22e9219bc86bb8d3fb6209acdbf76739
- SHA1
  
  fc2350e45b0c7bdac7ac35f42b65f5fdfd622464
- SHA256
  
  22803c719494f193d22519bfaff9484fecdcf1fadd6f082efd024fcee0b97ba4
- SHA512
  
  411b5440ce5321e07a1e0ca3cae8699132792a5deeb348a0ed1078b9f43f4628568cb338621eeb879416e33e4c7e4f8db7387b5e244e1e1e57712d4aa1ef4bde
- SSDEEP
  
  1536:jgqY+rhe9vVnupJvmOtY4l7apazAexoxDYruv:jgZvVneBYGJAexQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  PACK CFW NINTRICKS/PC/TegraRcmGUI_v2.6_portable/libusbK.dll
- Size
  
  82KB
- MD5
  
  22e9219bc86bb8d3fb6209acdbf76739
- SHA1
  
  fc2350e45b0c7bdac7ac35f42b65f5fdfd622464
- SHA256
  
  22803c719494f193d22519bfaff9484fecdcf1fadd6f082efd024fcee0b97ba4
- SHA512
  
  411b5440ce5321e07a1e0ca3cae8699132792a5deeb348a0ed1078b9f43f4628568cb338621eeb879416e33e4c7e4f8db7387b5e244e1e1e57712d4aa1ef4bde
- SSDEEP
  
  1536:jgqY+rhe9vVnupJvmOtY4l7apazAexoxDYruv:jgZvVneBYGJAexQ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32