8d84e7d51995e229844e3375b91e31b12c5f413e0fa8ff369cb54355fe05f6c5 | Triage

Sharing

General

Target

Loader_Nightlight.exe
Size

560KB
Sample

230721-19myjaha98
MD5

eefd263f90538d866981daf683424b86
SHA1

639363e932b7aaa41a3d1fcef7c27831ec7755ec
SHA256

8d84e7d51995e229844e3375b91e31b12c5f413e0fa8ff369cb54355fe05f6c5
SHA512

aa12579fb7cfa8225d4c36dd1b022edbe78cc2924de9053bfdb238a3698beb9542cefaf137806f86d46c07ae45cb203d8c18b9bf2893e1b6b57f4cd7d99e8fd2
SSDEEP

12288:n8sCZLdC/jGiKcT063eR7RHWm3CJF8zyw:89LdpiPiR757348zy

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  Loader_Nightlight.exe
- Size
  
  560KB
- MD5
  
  eefd263f90538d866981daf683424b86
- SHA1
  
  639363e932b7aaa41a3d1fcef7c27831ec7755ec
- SHA256
  
  8d84e7d51995e229844e3375b91e31b12c5f413e0fa8ff369cb54355fe05f6c5
- SHA512
  
  aa12579fb7cfa8225d4c36dd1b022edbe78cc2924de9053bfdb238a3698beb9542cefaf137806f86d46c07ae45cb203d8c18b9bf2893e1b6b57f4cd7d99e8fd2
- SSDEEP
  
  12288:n8sCZLdC/jGiKcT063eR7RHWm3CJF8zyw:89LdpiPiR757348zy
Score

8^/10

evasion
- Stops running service(s)
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1