Overview

overview

3

Static

static

3

Nighty2.2 (1).zip

windows11-21h2-x64

1

selfbot/ce...rt.pem

windows11-21h2-x64

3

selfbot/config.json

windows11-21h2-x64

3

selfbot/da...g.json

windows11-21h2-x64

3

selfbot/da...ae.txt

windows11-21h2-x64

3

selfbot/da...m.json

windows11-21h2-x64

3

selfbot/da...p.json

windows11-21h2-x64

3

selfbot/da...le.txt

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...r.json

windows11-21h2-x64

3

selfbot/da...l.json

windows11-21h2-x64

3

selfbot/da...ty.png

windows11-21h2-x64

3

selfbot/da...h.json

windows11-21h2-x64

3

selfbot/da...e.json

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...t.json

windows11-21h2-x64

3

selfbot/da...e.json

windows11-21h2-x64

3

selfbot/da...i.json

windows11-21h2-x64

3

selfbot/da...s.json

windows11-21h2-x64

3

selfbot/da...o.json

windows11-21h2-x64

3

selfbot/da...y.json

windows11-21h2-x64

3

selfbot/tc...ii.enc

windows11-21h2-x64

3

selfbot/tc...g5.enc

windows11-21h2-x64

3

selfbot/tc...50.enc

windows11-21h2-x64

3

selfbot/tc...51.enc

windows11-21h2-x64

3

selfbot/tc...52.enc

windows11-21h2-x64

3

selfbot/tc...53.enc

windows11-21h2-x64

3

selfbot/tc...54.enc

windows11-21h2-x64

3

selfbot/tc...55.enc

windows11-21h2-x64

3

selfbot/tc...56.enc

windows11-21h2-x64

3

Analysis

  • max time kernel
    429s
  • max time network
    1168s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30-01-2024 16:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    selfbot/data/misc/fonts.json

  • Size

    15KB

  • MD5

    26d31c3f8cf9c92b1fa2dce874500af7

  • SHA1

    97942598e92cb7ae3a34268a06eeb26f3192c583

  • SHA256

    c21e08bf9f49daf406643f7c57a73a08bb29353ce03ae4abd1c311d9ea775622

  • SHA512

    3829f93d84d7f786ff690e53532cd1258c4847b5941423e5d0487c6e17cb7389dc69e0dd603fc17cd625f1cca2da07d1609f6f16e4e2871fd91bb676d04f6f16

  • SSDEEP

    192:9WPv11ZMxX9mktcxkCq7Yxn/whOt2t04ULrHHpRB8bW27wI6nl1V4eHo6d:9aTZMxNROSCSqGhQH7Cn6nD1Rd

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\selfbot\data\misc\fonts.json
    1⤵
    • Modifies registry class
    PID:428
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1624

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads