bb822b36d04c3cc4f45c70a8f33fbb7492ba922e2b6a880f96e81c238dd5caaf

Sharing

Copy URL Twitter E-mail

General

Target

Nanami Win7 for Win10.rar
Size

164.3MB
Sample

240110-qj441sgbfp
MD5

74f474b1f1af6b18ea190e68c9acd327
SHA1

eb938ba5d4a806b2221efe641c5c1f081c1f556c
SHA256

bb822b36d04c3cc4f45c70a8f33fbb7492ba922e2b6a880f96e81c238dd5caaf
SHA512

09a1d9991ead75d854cc30cd61253e52241324ab54e231172d4bcdd054ff3429c174a3e179efc3e4d3fa44286fc9ab89c78f90aca5f3280de2386793ff13b50d
SSDEEP

3145728:8re6L+vt3bQUPe7oBawTKNQ1f+IYiB5z3fIYZF1AIaq5QHdOYDPHJ95M1Go2:2KNbQUOoBaFIvdP5aFHdOYDPHJfML2

Score

7^/10

Malware Config

Targets

- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/NSudoC.exe
- Size
  
  18KB
- MD5
  
  402bf6cfd68bc1d019b3ed4022771361
- SHA1
  
  84f5645b4a7e1fe8abbfbb52a89b80cf53b3b538
- SHA256
  
  b4dcfb4e16367ea6a02b4e06314827604bd44b4d1f5c0d66ad340e3dc0572423
- SHA512
  
  0201c1fc1eb25f3a722eeea1187115fa4d62cf4d1516124115cdc95c4fa07e3fc1e31f257b2ba3096ea162d516848bd434ad2159f426bd1251841eeb63ac932f
- SSDEEP
  
  384:1T8V4eLnas6yU6fUS78T9ziZg0sIrBWQWV0A4VEa2GeYNwclhqN5UW3O:1T8V4eas6vWSHN5re
Score

1^/10
behavioral1
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/SetACL.exe
- Size
  
  546KB
- MD5
  
  3e350eb5df15c06dec400a39dd1c6f29
- SHA1
  
  f1434cfef2c05fda919922b721ec1a17adb3194e
- SHA256
  
  427ff43693cb3ca2812c4754f607f107a6b2d3f5a8b313addee57d89982df419
- SHA512
  
  b6b6cdfe2b08aa49254e48302385a3a2a8385e2228bdcffd3032757acf1a1d4abff1270f5488083cfa4480439ff161a9d0ea5f193cabc1eb1e7b1255ce262ab6
- SSDEEP
  
  12288:ZM9AwIce16TCkcgxjouFmQGzt/B6QziZUt2qaV7se:ZM9Sce16TCkcgxMuFmQGztZZiSAqA7R
Score

1^/10
behavioral2
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/Uninstall.bat
- Size
  
  20KB
- MD5
  
  5b71e7ad296e6f0933b74ac49aa8286f
- SHA1
  
  b97fbdbc5664f7d52e43d7061595614247ecb951
- SHA256
  
  ae21d868a492b2d66b95829bfc12367e09cad956c832efcde645e87fc6fe8e92
- SHA512
  
  21347503f58b2de0ed8da5772b95cbf446beec7f4cc2eb98cbbdc2098a0004b4f5322e1904f4f3b4e6c4edf1970e77f0af7d7987c4d4036f5e7de371d0422e06
- SSDEEP
  
  384:PgdILNIAFBjWIVdZk+qEa6ILejL363ZrxRsU0fm8Qry7d2UmBIZM64zxMc9hK6Ai:PUcRnM9MDMfec
Score

1^/10
behavioral3
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/ehres/ehres.blue.dll
- Size
  
  21.3MB
- MD5
  
  2676be77c79f71785251ba86eacf2c99
- SHA1
  
  f294f0679f9651b8ca8f64b2c2d763a4df84ff3f
- SHA256
  
  7375925289708cbe93bab7f850d724a13bc78fd3d7dc4e4da22696e85fddb962
- SHA512
  
  f3b11e845815e1dfe65cfd86c95d19f3d02915fed5833bed103f44f56054e2333abbb1d90f1de70eef6d32039315bd31e9257d9e0d47d7286d6db379e81630fa
- SSDEEP
  
  393216:7xrx06SR9K1ZWFYg7w+2HshbaTPiZ0TK9WaT4hvr:7Rx1vKY42HEbNZ8UT4hvr
Score

1^/10
behavioral4
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/ehres/ehres.green.dll
- Size
  
  24.0MB
- MD5
  
  e4dd53d641fba2e4488ec14414eb0a30
- SHA1
  
  286f4c090704531fd8d4b2933891fcdf2149a3de
- SHA256
  
  81e8e1115185cbc27f46f482a5909b007c2d413a31178ae5cbf0577a916aaa24
- SHA512
  
  32b81f5def99f9fd2e14993d9b43e49a628fa62fc9a49c64456db80649cb544c020e96f8091d144112db37709000a747dde931a2bfe7902024d27a1a6ed336cb
- SSDEEP
  
  393216:3xrGeXDPcMhURt3+6+9K9qVTBhviGfTP7e1BsfUAjtKvpEPb:3RGeXDPcMy3C9HTBhviG/eT4Jcvp6b
Score

1^/10
behavioral5
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/ntrights.exe
- Size
  
  31KB
- MD5
  
  416c43aeb17252ee33048bd1f277d2a5
- SHA1
  
  085deb77551f9f6201e5aa352b62cad91c3005e5
- SHA256
  
  f46baa1b6227226518e42263e9b4808f81c27d060207df160f9ac64deae4f4f5
- SHA512
  
  3155de3fb04f1df246d6cecfa1c89f8ae9963c18be1ce717731ff210ab39d537be01231002a54d4346b4116e3505f387c92dfecc18a80ce7eb99c6d33e5f1f2a
- SSDEEP
  
  384:V2xoEQ1hlwZ1GADuwSoDFJqawj0zIjiOURFtk+bn7c/bAxi1I2Y8AVq65zHwP9TG:+l6pGXtk+D7c/N1I2Cq65z60sl
Score

1^/10
behavioral6
- Target
  
  Nanami Win7 for Win10/5- Windows Media Center/WMC-V8.8.2/bin/windows10.0-kb3106246-x64.msi
- Size
  
  9.1MB
- MD5
  
  86c8bcc1e84290b4536e7da66abbd84e
- SHA1
  
  0004f5036209a81588e1d1215c5a82a139a6c664
- SHA256
  
  97bffe621c4967aea619d32c23946eecf91511a7d6ce67094b05e54d5ae1828c
- SHA512
  
  d0e878735ae6d8e8b0da2a6f0ea1d5733d70e3d0fc784be026640977e520f10f55f940ade73a41eb40ed13e8113a49d97acd3393c78fa8d65a976734de951a3a
- SSDEEP
  
  196608:rOBTdQF6Abiv4oOt1RLofQnLHRjymrtxQp9GVpuUxUpukwJ:mpfAoOt7oyjdqNQk
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7
- Target
  
  Nanami Win7 for Win10/7- Windows 7 Sidebar/8GadgetPackSetup.msi
- Size
  
  26.1MB
- MD5
  
  e1d925f45808757355bfbcfb394bf11e
- SHA1
  
  2fefdf5e45d8a0d131b66d6895da352b90880c7f
- SHA256
  
  04b45032bebfca4d6a3e7d4082e9871e8d7432950a05ee1a087f75959e428473
- SHA512
  
  33b918ba6a0e2200bbfe479aeb2e2aa769e59beb1f2f004623f16edc5eb225029ded17eb3a680038888347fa805ecae27675ec95591c81143c36be82c2c2fb33
- SSDEEP
  
  393216:nGzov/U0vqAAAxei8tJepwTzX5BCX7/7uvhm6HO9nPQr55+Mc:Gsv/ZvqAAAxeiUIpcX5UX7/7uvhm+uMc
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Blocklisted process makes network request

Enumerates connected drives

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8