594f4d25f6e9fa9c28504c4f9cca1287b2f5e5b950bb36028a58789f0ef85096 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Nexus_reporter.exe
Size

10.1MB
Sample

230806-ljb11sgg25
MD5

25255d3fd602f0d668fd61e9e2788a99
SHA1

4bf0c05925e3169cb1fd6c32765bc455a1d5ab9b
SHA256

594f4d25f6e9fa9c28504c4f9cca1287b2f5e5b950bb36028a58789f0ef85096
SHA512

e3026e22fe25c40300efca38e0d9f30898b212066d2629008ce0c3b6d4d1b11931a5af7dccdeb790d23c920d841719d34a901d017be24761057b47398d177573
SSDEEP

196608:mm7CIHTddrY3a/yqjn/RNrlHAjoG+IPDfyGw21X5Sp6GemDMPwXnFXWg1Lm0pttC:h2k5ZY3a/y4ZxlHOFPDfDTpfaMPqnTJk

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Nexus_reporter.exe
- Size
  
  10.1MB
- MD5
  
  25255d3fd602f0d668fd61e9e2788a99
- SHA1
  
  4bf0c05925e3169cb1fd6c32765bc455a1d5ab9b
- SHA256
  
  594f4d25f6e9fa9c28504c4f9cca1287b2f5e5b950bb36028a58789f0ef85096
- SHA512
  
  e3026e22fe25c40300efca38e0d9f30898b212066d2629008ce0c3b6d4d1b11931a5af7dccdeb790d23c920d841719d34a901d017be24761057b47398d177573
- SSDEEP
  
  196608:mm7CIHTddrY3a/yqjn/RNrlHAjoG+IPDfyGw21X5Sp6GemDMPwXnFXWg1Lm0pttC:h2k5ZY3a/y4ZxlHOFPDfDTpfaMPqnTJk
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1