bf5debbf7b62117ac060513276fa0fdd91d403e62340b50e27db630be5a312f3 | Triage

Sharing

General

Target

NinjaCS_v1.2_[unknowncheats.me]_.exe
Size

3.5MB
Sample

231104-1h6xbshe22
MD5

c79ab0b486d21917a4d8a36d1239447a
SHA1

034837082d0d1021b2776fa7cd7ca4985f48f6ca
SHA256

bf5debbf7b62117ac060513276fa0fdd91d403e62340b50e27db630be5a312f3
SHA512

0e40d8f30d1be45e1273e6d91bee94f6a25f663b304c709fe14611af0511e0c24d298fd095e951f78e17bc59f04318ddf19cdcfacc7fc188998ca8028eaedfeb
SSDEEP

98304:Fcb+6LNja7lCx0BVgezCxFvrHvGopcZqrf:FcRL05+ezCxFPGyca

Score

7^/10

Malware Config

Targets

- Target
  
  NinjaCS_v1.2_[unknowncheats.me]_.exe
- Size
  
  3.5MB
- MD5
  
  c79ab0b486d21917a4d8a36d1239447a
- SHA1
  
  034837082d0d1021b2776fa7cd7ca4985f48f6ca
- SHA256
  
  bf5debbf7b62117ac060513276fa0fdd91d403e62340b50e27db630be5a312f3
- SHA512
  
  0e40d8f30d1be45e1273e6d91bee94f6a25f663b304c709fe14611af0511e0c24d298fd095e951f78e17bc59f04318ddf19cdcfacc7fc188998ca8028eaedfeb
- SSDEEP
  
  98304:Fcb+6LNja7lCx0BVgezCxFvrHvGopcZqrf:FcRL05+ezCxFPGyca
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2