General

  • Target

    nitro_generator.exe

  • Size

    71.3MB

  • Sample

    240213-1d548she3w

  • MD5

    f6aeaad3491a725f8108ed2bafa174d8

  • SHA1

    d92a2e5b81fb49e26d7b31aad4347e182e9a3b1d

  • SHA256

    8168e971e407bee7477efbd491aa008903226b198a1c6604295766843ab43046

  • SHA512

    12c7d26d4eb33d6a287caac13d44d68a8832c8524a330b553e25c64ea9bcc44b5fbc4707e305552f7f8dd10154bb980b133be8eb96deb4cc34663a12ccca557f

  • SSDEEP

    1572864:P4/4rzOchPFqMfT+qhkJxXBNL0GpY9P4Z7fX+A6VJdtIZAS1VGNRyLBX34EZOsw7:gkqcdFqMrlOJCT9P4Z7fXL6DWGKLR34H

Score
7/10

Targets

    • Target

      nitro_generator.exe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
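
The four behaviour signatures listed above, re-implemented as detection logic over a constructed stream of sandbox events. This is an added example, not the sandbox's own rule code: the process IDs, file paths and event stream are made up, and the IP-lookup and hosting host lists are illustrative assumptions; the report does not say which IP lookup service or hosting service this sample actually contacted.

```python
"""Replay constructed sandbox events and emit the behaviour signatures a
report like this one flags. Everything below is hypothetical sample data."""
from dataclasses import dataclass

# Well-known public "what is my IP" endpoints (illustrative list, assumption).
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "icanhazip.com", "ifconfig.me", "ipinfo.io",
    "checkip.amazonaws.com",
}
# Legitimate hosting/CDN services that are frequently abused for payload
# hosting or C2 (illustrative list, assumption; not taken from the report).
ABUSED_HOSTING_HOSTS = {
    "cdn.discordapp.com", "raw.githubusercontent.com", "pastebin.com",
    "transfer.sh",
}


@dataclass(frozen=True)
class Finding:
    signature: str   # name as it would appear in the report
    evidence: str    # path or host that triggered it


def analyze(events, sample_pid):
    """Walk events in order, track the sample's process tree and the files it
    drops, and return one Finding per triggered signature occurrence."""
    sample_pids = {sample_pid}   # sample plus every descendant seen so far
    dropped = set()              # lower-cased paths written by the sample tree
    findings = []
    for ev in events:
        kind = ev["type"]
        if kind == "process_create":
            # A child of a tracked process joins the tree; if its image is a
            # file the tree wrote earlier, that is "Executes dropped EXE".
            if ev["ppid"] in sample_pids:
                sample_pids.add(ev["pid"])
                if ev["image"].lower() in dropped:
                    findings.append(Finding("Executes dropped EXE", ev["image"]))
            continue
        if ev["pid"] not in sample_pids:
            continue  # unrelated system activity is ignored
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "image_load":
            if ev["path"].lower() in dropped:
                findings.append(Finding("Loads dropped DLL", ev["path"]))
        elif kind in ("dns", "http"):
            host = ev["host"].lower()
            if host in IP_LOOKUP_HOSTS:
                findings.append(Finding(
                    "Looks up external IP address via web service", host))
            if host in ABUSED_HOSTING_HOSTS:
                findings.append(Finding(
                    "Legitimate hosting services abused for malware hosting/C2",
                    host))
    return findings


def signatures(findings):
    """Distinct signature names, sorted, for summary display."""
    return sorted({f.signature for f in findings})


# Constructed event stream (hypothetical): pid 100 is the sample itself.
SAMPLE_EVENTS = [
    {"type": "dns", "pid": 100, "host": "api.ipify.org"},
    {"type": "http", "pid": 100, "host": "cdn.discordapp.com"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\Public\helper.dll"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\Public\stage2.exe"},
    {"type": "process_create", "pid": 200, "ppid": 100,
     "image": r"C:\Users\Public\stage2.exe"},
    {"type": "image_load", "pid": 200, "path": r"C:\Users\Public\helper.dll"},
    # Same DLL loaded by an unrelated process: must not count.
    {"type": "image_load", "pid": 999, "path": r"C:\Users\Public\helper.dll"},
    # Benign lookup from the sample: no finding.
    {"type": "dns", "pid": 100, "host": "update.microsoft.com"},
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS, sample_pid=100):
        print(f"{f.signature}: {f.evidence}")
```

The process-tree tracking is what makes the "dropped" signatures meaningful: a DLL written by the sample but loaded by some unrelated process is not evidence of the sample loading its own payload, so the example only attributes loads and executions to processes descended from the sample.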

MITRE ATT&CK Enterprise v15