Overview

overview

3

Static

static

3

Nitrox_1.7.1.0.zip

windows10-1703-x64

1

NitroxLauncher.exe

windows10-1703-x64

3

NitroxLaun...xe.xml

windows10-1703-x64

1

NitroxServ...ca.exe

windows10-1703-x64

1

NitroxServ...xe.xml

windows10-1703-x64

1

lib/0Harmony.dll

windows10-1703-x64

1

lib/Assets...ET.dll

windows10-1703-x64

1

lib/Autofac.dll

windows10-1703-x64

1

lib/BinaryPack.dll

windows10-1703-x64

1

lib/Discor...er.dll

windows10-1703-x64

1

lib/JetBra...ns.dll

windows10-1703-x64

1

lib/LZ4.dll

windows10-1703-x64

1

lib/LitJSON.dll

windows10-1703-x64

1

lib/LiteNetLib.dll

windows10-1703-x64

1

lib/Micros...ry.dll

windows10-1703-x64

1

lib/Micros...ll.dll

windows10-1703-x64

1

lib/Micros...ck.dll

windows10-1703-x64

1

lib/Mono.C...db.dll

windows10-1703-x64

1

lib/Mono.C...db.dll

windows10-1703-x64

1

lib/Mono.C...ks.dll

windows10-1703-x64

1

lib/Mono.Cecil.dll

windows10-1703-x64

1

lib/Mono.Nat.dll

windows10-1703-x64

1

lib/MonoMo...ur.dll

windows10-1703-x64

1

lib/MonoMod.Utils.dll

windows10-1703-x64

1

lib/Newton...on.dll

windows10-1703-x64

1

lib/NitroxClient.dll

windows10-1703-x64

1

lib/NitroxClient.pdb

windows10-1703-x64

3

lib/Nitrox...ca.dll

windows10-1703-x64

1

lib/Nitrox...ca.pdb

windows10-1703-x64

3

lib/NitroxModel.pdb

windows10-1703-x64

3

lib/NitroxPatcher.pdb

windows10-1703-x64

3

lib/NitroxServer.pdb

windows10-1703-x64

3

Analysis

  • max time kernel
    377s
  • max time network
    1620s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-es
  • resource tags

    arch:x64arch:x86image:win10-20230703-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    11-07-2023 13:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NitroxServer-Subnautica.exe

  • Size

    52KB

  • MD5

    77c090cdd1c3a3f5a8d3f24c6f3efb81

  • SHA1

    f8225d032a18c9d3a2935e164d8065c9203e70de

  • SHA256

    6a9c501b3f7442b5639171a3b3f62bfa37a02366b913e5bf2415b974f92ec15b

  • SHA512

    82548ef98c365d8e9029b9e67ea99f1745eac9d4697142c73757315068a2bd5a22314b0e76e64b587489b91d6425550a5135a5cc49a4b0a4cd531621dc5c114d

  • SSDEEP

    768:Cv1TH6xQt9tPSY/CBi8lKh5EPuVGePRM2p3QboZER04s4aCtRnC5b1BK3AK1xh4u:Cv1TH6xw6lZuFPJ6oZm0IrQ0Opri

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NitroxServer-Subnautica.exe
    "C:\Users\Admin\AppData\Local\Temp\NitroxServer-Subnautica.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:96
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" "C:\Users\Admin\AppData\Local\Temp\Nitrox Logs\server-20230711.log"
      2⤵
        PID:376

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\Nitrox Logs\server-20230711.log
      Filesize

      3KB

      MD5

      ca9db1353f336edf1012d058c2ef18b7

      SHA1

      4a6bb1992c6123df6bf298c90bb2d5c9bb5db643

      SHA256

      70e66455b128727ce5bd72865eda286b2a9efb01c0163686d1ca4734fb2b2be3

      SHA512

      6b73f9afdedf72e8ac8ce4afb7367b3167bf1b40ed491c0ef99f8d9fcfea32fd4b2334a84cb9f35de541abc761b16eddf582f251cf5378863aaac62bc56ccf01

      Download Submit

    • memory/96-122-0x00000212A4E30000-0x00000212A4E44000-memory.dmp

      Filesize

      80KB

      Download

    • memory/96-123-0x00000212A6A70000-0x00000212A6AA4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/96-124-0x00000212A6AC0000-0x00000212A6AFE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/96-125-0x00000212A6B40000-0x00000212A6B7E000-memory.dmp

      Filesize

      248KB

      Download

    • memory/96-126-0x00000212A6B80000-0x00000212A6BA6000-memory.dmp

      Filesize

      152KB

      Download

    • memory/96-127-0x00000212A5180000-0x00000212A5188000-memory.dmp

      Filesize

      32KB

      Download

    • memory/96-128-0x00000212A6BE0000-0x00000212A6BF0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/96-129-0x00000212A6BB0000-0x00000212A6BBE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/96-130-0x00000212A6BE0000-0x00000212A6BF0000-memory.dmp

      Filesize

      64KB

      Download