Overview

overview

5

Static

static

3

NitroGen/setup.exe

windows7-x64

5

NitroGen/setup.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    12s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    02-08-2023 07:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NitroGen/setup.exe

  • Size

    2.5MB

  • MD5

    b55c06303f9c7f911a2af581dda35dd9

  • SHA1

    e9969d40afe53a03f1af8b10dc9650621e5d128d

  • SHA256

    0184f5c68e4d98a5bfab889b66ac59f81e24b6939b15222021ba904172641819

  • SHA512

    44cd6fc23e0c65fc7b6cfa366a5a0935c9557f8d79a0c80dc18de8afc25bec7704526ab52032771d56e89a4c2626647e4518e7ca7c163128db748db08c2216c1

  • SSDEEP

    24576:EZTqr7G0hOkahtzTx+VhaRO1lD6mepV6yMacTVBV1/AAb:En0hOkaL/YKkaBc5BZRb

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NitroGen\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\NitroGen\setup.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2584
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
      2⤵
        PID:2064
      • C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
        "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
        2⤵
          PID:2324

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2324-55-0x0000000000400000-0x000000000045A000-memory.dmp

        Filesize

        360KB

        Download

      • memory/2324-58-0x0000000000400000-0x000000000045A000-memory.dmp

        Filesize

        360KB

        Download

      • memory/2324-60-0x0000000000400000-0x000000000045A000-memory.dmp

        Filesize

        360KB

        Download

      • memory/2324-61-0x0000000074500000-0x0000000074BEE000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/2324-62-0x0000000007290000-0x00000000072D0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2324-63-0x0000000074500000-0x0000000074BEE000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/2324-64-0x0000000007290000-0x00000000072D0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2584-54-0x0000000001010000-0x00000000011B7000-memory.dmp

        Filesize

        1.7MB

        Download

      • memory/2584-57-0x0000000001010000-0x00000000011B7000-memory.dmp

        Filesize

        1.7MB

        Download