Overview

overview

3

Static

static

3

免费版/...OX.dll

windows7-x64

1

免费版/...OX.dll

windows10-2004-x64

1

免费版/...ib.dll

windows7-x64

1

免费版/...ib.dll

windows10-2004-x64

1

免费版/...ta.dll

windows7-x64

1

免费版/...ta.dll

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/...wn.exe

windows7-x64

1

免费版/...wn.exe

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/NiniReg.bat

windows7-x64

1

免费版/NiniReg.bat

windows10-2004-x64

1

免费版/...eg.bat

windows7-x64

1

免费版/...eg.bat

windows10-2004-x64

1

免费版/...te.exe

windows7-x64

1

免费版/...te.exe

windows10-2004-x64

1

免费版/...er.exe

windows7-x64

1

免费版/...er.exe

windows10-2004-x64

1

免费版/NiniWeb.dll

windows7-x64

1

免费版/NiniWeb.dll

windows10-2004-x64

1

免费版/...es.exe

windows7-x64

1

免费版/...es.exe

windows10-2004-x64

1

免费版/help.pdf

windows7-x64

1

免费版/help.pdf

windows10-2004-x64

1

免费版/...in.htm

windows7-x64

1

免费版/...in.htm

windows10-2004-x64

1

免费版/ninicom.dll

windows7-x64

1

免费版/ninicom.dll

windows10-2004-x64

1

免费版/...��.url

windows7-x64

1

免费版/...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 06:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    免费版/NiniDown.exe

  • Size

    922KB

  • MD5

    df58704d39b0f6e16f376952daf727db

  • SHA1

    42bccd64cf239bc111a32a002f306c79abf8f87b

  • SHA256

    4cca80cd3454fa683f4c6ad20c7fa615fe77340190b5e75b6bf9e6c2ce737e8a

  • SHA512

    055422824bd325a6ccaf400ffa524931dde6ca743ae573a6c1e5aeae9f16e868fed3cc33aadfd16fed9b1318d460675c0cf31d07c4ed2195b6b486b598ea8229

  • SSDEEP

    24576:1C6LuGj0+CdZVNyQ+n+0jXrWmw0vK/fLdjbwXn:wNiCfPqXaju0pwX

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\免费版\NiniDown.exe
    "C:\Users\Admin\AppData\Local\Temp\免费版\NiniDown.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2028

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2028-1-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-0-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-2-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-5-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-7-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-9-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-10-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-12-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-14-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-15-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-17-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-20-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-19-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-22-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-24-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-26-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-28-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-32-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-30-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-35-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-34-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-37-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-42-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-40-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-38-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-46-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-44-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-48-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-50-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-52-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-53-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-55-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-57-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-59-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-61-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-62-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-64-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-65-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-67-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-68-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-71-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-70-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-74-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-73-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-77-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-79-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-76-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-106-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-118-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-120-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-122-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-126-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-124-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-132-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-136-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-134-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-138-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-141-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-143-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-145-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-152-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-156-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-154-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-193-0x0000000077960000-0x0000000077961000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2028-195-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-199-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-197-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-204-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-205-0x0000000000400000-0x000000000052F000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2028-206-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-207-0x0000000074AA0000-0x000000007504B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/2028-208-0x0000000074AA0000-0x000000007504B000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/2028-209-0x0000000000540000-0x0000000000580000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2028-210-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-211-0x0000000000540000-0x0000000000580000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2028-212-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-213-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-215-0x0000000000360000-0x00000000003C5000-memory.dmp

          Filesize

          404KB

          Download

        • memory/2028-216-0x0000000000400000-0x0000000000524000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/2028-217-0x0000000074AA0000-0x000000007504B000-memory.dmp

          Filesize

          5.7MB

          Download