Overview

overview

3

Static

static

3

Nighty2.2 (1).zip

windows11-21h2-x64

1

selfbot/ce...rt.pem

windows11-21h2-x64

3

selfbot/config.json

windows11-21h2-x64

3

selfbot/da...g.json

windows11-21h2-x64

3

selfbot/da...ae.txt

windows11-21h2-x64

3

selfbot/da...m.json

windows11-21h2-x64

3

selfbot/da...p.json

windows11-21h2-x64

3

selfbot/da...le.txt

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...r.json

windows11-21h2-x64

3

selfbot/da...l.json

windows11-21h2-x64

3

selfbot/da...ty.png

windows11-21h2-x64

3

selfbot/da...h.json

windows11-21h2-x64

3

selfbot/da...e.json

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...e.json

windows11-21h2-x64

3

selfbot/da...i.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...o.json

windows11-21h2-x64

3

selfbot/da...y.json

windows11-21h2-x64

3

selfbot/tc...ii.enc

windows11-21h2-x64

3

selfbot/tc...g5.enc

windows11-21h2-x64

3

selfbot/tc...50.enc

windows11-21h2-x64

3

selfbot/tc...51.enc

windows11-21h2-x64

3

selfbot/tc...52.enc

windows11-21h2-x64

3

selfbot/tc...53.enc

windows11-21h2-x64

3

selfbot/tc...54.enc

windows11-21h2-x64

3

selfbot/tc...55.enc

windows11-21h2-x64

3

selfbot/tc...56.enc

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nighty2.2 (1).zip

  • Size

    113.6MB

  • Sample

    240130-tmjh9shee6

  • MD5

    b5ee3302c0fa28873d8229ae7e9d732e

  • SHA1

    9682580566a355e5ff8e50f8d8fc8ead3aa5fdee

  • SHA256

    b92c73fd80d0356057d3b279d18e2ef7097eae67d0bf0ee03478f0bb19bef23c

  • SHA512

    f12ac2b410f5bd9e950dd677c90802bd9be7971fe51858c08ef48db1bf99d356bddc4e1a6a44d1e55c8b4385971b184bb48c91509aa9c7035b84e82416060d16

  • SSDEEP

    3145728:hBTeHerRbPV2utsNeBUZ0bPO4eTgd5OAvi5pKxjkuAPKKFD2rI:hIe9bSwu6bPggaAvCpKmVth

Score
3/10

Malware Config

Targets

    • Target

      Nighty2.2 (1).zip

    • Size

      113.6MB

    • MD5

      b5ee3302c0fa28873d8229ae7e9d732e

    • SHA1

      9682580566a355e5ff8e50f8d8fc8ead3aa5fdee

    • SHA256

      b92c73fd80d0356057d3b279d18e2ef7097eae67d0bf0ee03478f0bb19bef23c

    • SHA512

      f12ac2b410f5bd9e950dd677c90802bd9be7971fe51858c08ef48db1bf99d356bddc4e1a6a44d1e55c8b4385971b184bb48c91509aa9c7035b84e82416060d16

    • SSDEEP

      3145728:hBTeHerRbPV2utsNeBUZ0bPO4eTgd5OAvi5pKxjkuAPKKFD2rI:hIe9bSwu6bPggaAvCpKmVth

    Score
    1/10
    behavioral1

    • Target

      selfbot/certifi/cacert.pem

    • Size

      282KB

    • MD5

      9a9a33b00fac1d856e8cd176213295cf

    • SHA1

      8970329101cb180dd6d3da0087c797505226366f

    • SHA256

      1bc3a2bb4232e24544990e12d9298e0b2efc1887e7f99f5b26c325aec59d3ed7

    • SHA512

      5f9d9d122c251dfc19698a4069c73042736ff6ea896dd311544af41b5c6994f7248d636f66b16b77861b3263cd3dc052cbe8ac99e20ae12c8a26054cb914d5c9

    • SSDEEP

      6144:QW1H/M8f9R0mNplkXCRrwADwYCuMEigT/Q5MSRqNb7d84:QWN/vRLNLWCRrBC5MWavdV

    Score
    3/10
    behavioral2

    • Target

      selfbot/config.json

    • Size

      560B

    • MD5

      f50cd81113c1bfec829073237e1aa964

    • SHA1

      155fb38b596caec324bff4d19cb9d7f760b5291e

    • SHA256

      c780ef77c32653c6fdccc2db14afabb6fe2141c29a74d3d1d7eb7dce679c1bcd

    • SHA512

      9db63ca64617611ed3cb94b18f56ce88266a254b8745c47202e06e37bb19a80305c38edd6f1597082fa96a9fd5ad8b4818383d01e46d260cf93e284f7cabc1b2

    Score
    3/10
    behavioral3

    • Target

      selfbot/data/abuseconfig.json

    • Size

      91B

    • MD5

      ce6646ae9ecf07a4b2a80397f39840b4

    • SHA1

      aeadd5e94f1115361ed593841858cdcbf4c50c53

    • SHA256

      caa80afc039e6a7e9b1b5ee985129206f888f05cfc3be1b147a1f7403338a191

    • SHA512

      4907e39e133d3d05fb13badf69d6980e0a8732c393728473d4f6bcec49e6efeda49179bbef9e8e5c9126dd186b93b672d52420ba4576458dcdef0875d37ffdb1

    Score
    3/10
    behavioral4

    • Target

      selfbot/data/animated/dewae.txt

    • Size

      703B

    • MD5

      8af0747ba2fa4213c446afe6af42755c

    • SHA1

      a26d4e458d56cdebf71bccf36daf060be38fcc5b

    • SHA256

      447fa2eefec4e5a29c2f1c6b7e297f3adf61c56526772bae1add2065ce49cf2e

    • SHA512

      1e30b566f1149705967906814f3f1f2bd8802fc9bfa28ec5d058d19b1334ca2322a5319d1f3b60513c9573c6fe6b371a8ba35e8e45d47f83e1bf2ece6668b8e6

    Score
    3/10
    behavioral5

    • Target

      selfbot/data/automod/userspam.json

    • Size

      2B

    • MD5

      99914b932bd37a50b983c5e7c90ae93b

    • SHA1

      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

    • SHA256

      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

    • SHA512

      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

    Score
    3/10
    behavioral6

    • Target

      selfbot/data/backups/dailybackup.json

    • Size

      40B

    • MD5

      87bcdd70c9c2db593215b1358f4ac862

    • SHA1

      c03316732a27fe6223edc27e7614e9495d00ce03

    • SHA256

      1a8021b9142c8769549900de9873dfc6cdaba084721279d0071db5003fe6eadd

    • SHA512

      77c4e383e634b67c812e7504bd38f7fa790e1594393a9c4dbfb5c54d296cabebf0131123339a2ebd1853a58370d21d15e61030e3a731458599a07bd33147e187

    Score
    3/10
    behavioral7

    • Target

      selfbot/data/customstatus/example.txt

    • Size

      91B

    • MD5

      ce0a462006b54784aa046491d5b6ef57

    • SHA1

      69b0d7e8e5934151ffed34a186767ff634cdd187

    • SHA256

      ea75c32e7a595d04d17a413f21e2b349fafda4ceb204cc825f51de77da4aaff0

    • SHA512

      92937428964e2634a96724922203bf3eed8de53c9cdce42886b42c1eb51382e0c2a6da1a1bea5bf0c1dcb5d85da46e160546917c28b4cdd540a33bd204d7af54

    Score
    3/10
    behavioral8

    • Target

      selfbot/data/eventreact.json

    • Size

      36B

    • MD5

      b5e8c46959c73df5abee2f9d7a3acb25

    • SHA1

      16badfd9f8f9cfb689a2bb8c6606b32818704cf2

    • SHA256

      52f8868de43ccf70878d674b54ede3b62331eebb2bc7131f4f8febf9b0bcae1e

    • SHA512

      26965b7d07b45278e635c6a65a140cf9911846a8b529e2f66a9953a81c1bef8abf0916105c0241613164c6c7ed6eb74913e1a575654c38b30f00cd82f864674f

    Score
    3/10
    behavioral9

    • Target

      selfbot/data/favorites.json

    • Size

      23B

    • MD5

      fc57d0ad344261ac76a6dc174e792bbc

    • SHA1

      a202dd1d3088d04bf771f0bb3a25141578a6eafb

    • SHA256

      48f0a7000731c3420f255f0dd965fa361dd91a36fb961e5c673aceb8edba7a98

    • SHA512

      e500e0fc49d0679d1b33dedd70d88599ab7d8fce87a94bc2750aee935db68b85b16c755a3ea9ebb149c164a1167c5ab8283c8ec7c89789e936f7e48b302fa519

    Score
    3/10
    behavioral10

    • Target

      selfbot/data/giveawayjoiner.json

    • Size

      308B

    • MD5

      75f4ca24a4467c3b174a5770945769a6

    • SHA1

      d364b9fd06ea17f8e6c8601fe69e6d3ce6ef7328

    • SHA256

      0906c64139fd71d58a7a49cee41d675dfd8fcc417d098c63aafbcdb4982b903b

    • SHA512

      91196bfdd00c51cf2b4e2de45021688a202ce68f2babf0a427f8e20f632a6f5b739f49e8497fbcd304b72bc8bc9f5457963b7fd835638df449a9bbefc0901aba

    Score
    3/10
    behavioral11

    • Target

      selfbot/data/gmail.json

    • Size

      61B

    • MD5

      2978d522a7a522174f6f6e4cab4de98a

    • SHA1

      40d0382b703fcfbcd7cbf9a18915d9144eac09ef

    • SHA256

      2b37f0ff70ddcb4ece931d0f60845c7739cd88c9f5d4b7863a863d0b8cf8fff2

    • SHA512

      5f14799666eb0fdf30f19d9623f9646b6571c80c70d2975f34962b83a1e9dbf96b6203a86b8feb1025bafdc3b8b037e6743235f6f5ec2086ef00076a8c372b3f

    Score
    3/10
    behavioral12

    • Target

      selfbot/data/images/nighty.ico

    • Size

      107KB

    • MD5

      a3f5e6169009151b1eefdda06e536110

    • SHA1

      e0487b3cb4b75da8bd35991b9ac3823403799460

    • SHA256

      a9ca8d6d08711c8b291c8e3ceeb598d8e15ecbf2f4368c117aff0bd0bd28f3b1

    • SHA512

      248f4d892e6afbb869e1eff673470ac690bbe6253835fc158cfe782cad1ba54810260148a0e0ceed5f0d857ccd3a79db7ea8fcdc4279620eee4e79ca2ef603c8

    • SSDEEP

      3072:+u1D3ya15HBe+3TRjznbrOYGi9SQ9E82poTkTmFB+:+uhVHBecR/vGgukkTWg

    Score
    3/10
    behavioral13

    • Target

      selfbot/data/languages/english/english.json

    • Size

      39KB

    • MD5

      8c071d039827174d1d5ce9d344b9c01c

    • SHA1

      7a4ab88d462b1b1c37cac11886857af553172a0d

    • SHA256

      e525512bd86f20980f13870a28e1e4d3d15a29195cc61ed94f47c9dffb797522

    • SHA512

      9ad5c724bcdfeeb3c10e49ebd43a7ffe1e69b688726b5cc1fb79eaff60e22519dffbbb782bdbb2f8a77d0b440c21fd53375ccdad32e7b3636c90ec7b260e1b94

    • SSDEEP

      768:2ctESbsHJil8kxmgd9Vtf6l0Th6I/52v4m3rHcYLf:2ctEGGjkM89Vtf6lHP3r8U

    Score
    3/10
    behavioral14

    • Target

      selfbot/data/misc/about_me.json

    • Size

      96B

    • MD5

      12dcef77e701fffd5c09b9a0f027af99

    • SHA1

      3f5b26f865da0e90f7e5371607877c0f1bd0fe46

    • SHA256

      3e66840ea66f32ed83075c422851c198952bafbac478b60cb5627581eb98a559

    • SHA512

      1ade28593410c7eb936cecb10b599c73cb6c1c748815ae45e017a2628ce14943d6e5cc3bf986360b8ec35dd678929c8961c3704cb6b168f976f8585c5739f167

    Score
    3/10
    behavioral15

    • Target

      selfbot/data/misc/auto_suggest.json

    • Size

      29B

    • MD5

      5a50b7b07c41a209391cf5ea2c1d3628

    • SHA1

      8c9d40aee952c55bd1a07e08d22bb7fab5fcf8d4

    • SHA256

      edce18420c32a7fb844d506e23750b809b10c4c5f0805fd8a488d35a78e13da2

    • SHA512

      a03863702462b2ddb378b7e691fe8af4be03003643337cb92b47463c5d69476cef1a446d4ef4b2600a4d49ccdc1660901680169fd1aed10b6e9857743baa2c3b

    Score
    3/10
    behavioral16

    • Target

      selfbot/data/misc/fonts.json

    • Size

      15KB

    • MD5

      26d31c3f8cf9c92b1fa2dce874500af7

    • SHA1

      97942598e92cb7ae3a34268a06eeb26f3192c583

    • SHA256

      c21e08bf9f49daf406643f7c57a73a08bb29353ce03ae4abd1c311d9ea775622

    • SHA512

      3829f93d84d7f786ff690e53532cd1258c4847b5941423e5d0487c6e17cb7389dc69e0dd603fc17cd625f1cca2da07d1609f6f16e4e2871fd91bb676d04f6f16

    • SSDEEP

      192:9WPv11ZMxX9mktcxkCq7Yxn/whOt2t04ULrHHpRB8bW27wI6nl1V4eHo6d:9aTZMxNROSCSqGhQH7Cn6nD1Rd

    Score
    3/10
    behavioral17

    • Target

      selfbot/data/misc/spamreact.json

    • Size

      394B

    • MD5

      054dc4d9fd2e10a854301269ca1be7c7

    • SHA1

      1d8f8b5c037bd256a0b66f3816078fe405b09cc6

    • SHA256

      262595f49dd61db2df7d1532168f4f0384c4dc08d008d7f885320cdf54119580

    • SHA512

      5d724c5bb935bd3d87ae035173b9255c6202000f40b18c3221df360d4b0ed7610645386be9154f7c2230f9c0d671c187f3d3cd80a7feb2d22f315903c23fe311

    Score
    3/10
    behavioral18

    • Target

      selfbot/data/misc/total_uptime.json

    • Size

      30B

    • MD5

      12a9da45f65fbf22c9d6de8952cf6e96

    • SHA1

      be2311e1b7bc88f3745d6564cad558584df1c0bb

    • SHA256

      11b34b0f37d9059bd27cc052fc55ad818ab5705d7bf9774649bc37f26f8fcca7

    • SHA512

      985b7887a69944c633786387b9f88feed33f4cf4238f651c7b8900b5cdab04c3b6754db453dba6619000e9866121a9414bc0ae9a9ad5bcdf1e848f13b3d900ec

    Score
    3/10
    behavioral19

    • Target

      selfbot/data/misc/ui.json

    • Size

      29B

    • MD5

      c33acbda1aa95a4e56dc912f5f840469

    • SHA1

      96ada068e6d8d4e4f44aa24cb36a686d41810e9b

    • SHA256

      324a8d26c95023b0aa1dc8dccdc99f69a530222a776536f6e063283b92421177

    • SHA512

      115d057cdccb41b31e8d2aa159c897722a8809d2a5944fad70f968fdaee6f1c9c7f554fe46eef144c32816f779e63de087d2b3bd21ec805ae18cb8eb93f879b0

    Score
    3/10
    behavioral20

    • Target

      selfbot/data/misc/user_history_logs.json

    • Size

      282B

    • MD5

      2d6c2d83a5aed2ed8af7f4a69dc62688

    • SHA1

      31867c95905a4703de1a0607ad966e8ae49bcf9a

    • SHA256

      e5f26ad6278a566c3290993e47ff3c64213f13d67e717e27619386579fb3ef2c

    • SHA512

      1f82a7560e0bcd07eeb42d7b425dd45cf448829353c72566872fb2879e5e75548fdae557e131d4f47caa30b4c04e944f582c88d30ba99f17683ca0f04326aa41

    Score
    3/10
    behavioral21

    • Target

      selfbot/data/nitro.json

    • Size

      27B

    • MD5

      3313f3d492952d14dc51e3b429c6f6aa

    • SHA1

      2e8a1afe35ebcbbc7b47f0a720a770da0a3cad61

    • SHA256

      71ce86d0f662ef78982971df154d041aa8e6310aeac586ebd655aee23a3e96a2

    • SHA512

      4c738ee95a36bb6abefa88fda92ee37b49ec0c85f865a8e3edc7f12e9f438c0e226c1578fbff0d3b832f9666861d0400f0d0ff78f13c2b385d3620c5b72d1ccc

    Score
    3/10
    behavioral22

    • Target

      selfbot/data/notify.json

    • Size

      1KB

    • MD5

      35a3d8497b06f4519c3697b618eb2335

    • SHA1

      1dbb5cc190a1319540a5b2a387af967fe189c8bd

    • SHA256

      de905fa878177d652a2e2cfd4e8cebe7171bbc55802725135815b33ebc38ef11

    • SHA512

      1e12d2258dad04801b64b481b9a22c56170962f9ea2994a9939b8ab0725779268fc828739eb640ceb56c7f61763be66b47f5efaefde40bde172e75376ab7c47c

    Score
    3/10
    behavioral23

    • Target

      selfbot/tcl/encoding/ascii.enc

    • Size

      1KB

    • MD5

      68d69c53b4a9f0aabd60646ca7e06dae

    • SHA1

      dd83333dc1c838beb9102f063971ccc20cc4fd80

    • SHA256

      294c97175fd0894093b866e73548ae660aeed0c3cc1e73867eb66e52d34c0dd2

    • SHA512

      48960e838d30401173ea0df8597bb5d9bc3a09ed2cffcb774ba50cb0b2accf47aad3ba2782b3d4a92bef572cbd98a3f4109fc4344db82eb207bfde4f61094d72

    Score
    3/10
    behavioral24

    • Target

      selfbot/tcl/encoding/big5.enc

    • Size

      90KB

    • MD5

      9e67816f304fa1a8e20d2270b3a53364

    • SHA1

      9e35ebf3d5380e34b92fe2744124f9324b901dd3

    • SHA256

      465ae2d4880b8006b1476cd60facf676875438244c1d93a7dbe4cde1035e745f

    • SHA512

      ee529da3511eb8d73465eb585561d54833c46b8c31062299b46f5b9ee7eb5be473e630aa264f45b2806fc1b480c8ed39a173ff1756cb6401b363568e951f0637

    • SSDEEP

      768:3kkmY4kD7HGJxYXIdjQWTGzvKHBDViIM1sbh+dJE+FKw0sXlWVvDg21jj9:cGfKqIQCGzv8D7ksb2Ur79jj9

    Score
    3/10
    behavioral25

    • Target

      selfbot/tcl/encoding/cp1250.enc

    • Size

      1KB

    • MD5

      79acd9bd261a252d93c9d8ddc42b8df6

    • SHA1

      fa2271030db9005d71faad60b44767955d5432dd

    • SHA256

      1b42df7e7d6b0feb17cb0bc8d97e6ce6899492306dd880c48a39d1a2f0279004

    • SHA512

      607f21a84ae569b19df42463a56712d232ca192e1827e53f3acb46d373ef4165a38ffbf116e28d4eaaef49b08f6162c7a1c517cce2dfaca71da07193feffff06

    Score
    3/10
    behavioral26

    • Target

      selfbot/tcl/encoding/cp1251.enc

    • Size

      1KB

    • MD5

      55fb20fb09c610db38c22cf8add4f7b8

    • SHA1

      604396d81fd2d90f5734fe6c3f283f8f19aabb64

    • SHA256

      2d1bed2422e131a140087faf1b12b8a46f7de3b6413bae8bc395c06f0d70b9b0

    • SHA512

      07c6640bb40407c384bcf646cc436229aec77c6398d57659b739dc4e180c81a1524f55a5a8f7b3f671a53320052ad888736383486cc01dfc317029079b17172e

    Score
    3/10
    behavioral27

    • Target

      selfbot/tcl/encoding/cp1252.enc

    • Size

      1KB

    • MD5

      5900f51fd8b5ff75e65594eb7dd50533

    • SHA1

      2e21300e0bc8a847d0423671b08d3c65761ee172

    • SHA256

      14df3ae30e81e7620be6bbb7a9e42083af1ae04d94cf1203565f8a3c0542ace0

    • SHA512

      ea0455ff4cd5c0d4afb5e79b671565c2aede2857d534e1371f0c10c299c74cb4ad113d56025f58b8ae9e88e2862f0864a4836fed236f5730360b2223fde479dc

    Score
    3/10
    behavioral28

    • Target

      selfbot/tcl/encoding/cp1253.enc

    • Size

      1KB

    • MD5

      2e5f553d214b534eba29a9fceec36f76

    • SHA1

      8ff9a526a545d293829a679a2ecdd33aa6f9a90e

    • SHA256

      2174d94e1c1d5ad93717b9e8c20569ed95a8af51b2d3ab2bce99f1a887049c0e

    • SHA512

      44ab13c0d322171d5ee62946086058cf54963f91ec3f899f3a10d051f9828ac66d7e9f8055026e938ddd1b97a30d5d450b89d72f9113dee2dbbb62ddbbbe456c

    Score
    3/10
    behavioral29

    • Target

      selfbot/tcl/encoding/cp1254.enc

    • Size

      1KB

    • MD5

      35ad7a8fc0b80353d1c471f6792d3fd8

    • SHA1

      484705a69596c9d813ea361625c3a45c6bb31228

    • SHA256

      bc4cbe4c99fd65abea45fbdaf28cc1d5c42119280125fbbd5c2c11892ae460b2

    • SHA512

      cca3c6a4b826e0d86ac10e45ffc6e5001942aa1cf45b9e0229d56e06f2600dda0139764f1222c56cf7a9c14e6e6c387f9ab265cb9b936e803fecd8285871c70f

    Score
    3/10
    behavioral30

    • Target

      selfbot/tcl/encoding/cp1255.enc

    • Size

      1KB

    • MD5

      0419dbee405723e7a128a009da06460d

    • SHA1

      660dbe4583923cbdfff6261b1fadf4349658579c

    • SHA256

      f8bd79ae5a90e5390d77dc31cb3065b0f93cb8813c9e67accec72e2db2027a08

    • SHA512

      fdd9f23a1b5abbf973bee28642a7f28f767557fe842af0b30b1cf97cd258892f82e547392390a51900dc7ff5d56433549a5cb463779fc131e885b00568f86a32

    Score
    3/10
    behavioral31

    • Target

      selfbot/tcl/encoding/cp1256.enc

    • Size

      1KB

    • MD5

      0ffa293aa50ad2795eab7a063c4ccae5

    • SHA1

      38fee39f44e14c3a219978f8b6e4da548152cfd6

    • SHA256

      bbacea81d4f7a3a7f3c036273a4534d31dbf8b6b5cca2bcc4c00cb1593cf03d8

    • SHA512

      ab4a6176c8c477463a6cabd603528ceb98ef4a7fb9aa6a8659e1aa6fe3f88529db9635d41649fbad779aeb4413f9d8581e6ca078393a3042b468e8cae0fa0780

    Score
    3/10
    behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

33
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks