db5dcc80ee93b892f2558814290102e40defa7420126e2fdb15db519cb325b3d

General

Target

Nitro_Generator.zip
Size

13.2MB
Sample

240221-tnvmxsbc62
MD5

2cc7900a6b98024d0da04e20d8204797
SHA1

c08d35160f4e25335a29a0f044d62eaaa930a9d4
SHA256

db5dcc80ee93b892f2558814290102e40defa7420126e2fdb15db519cb325b3d
SHA512

9ce5a38f1826fdc14c88d748c61f60f82da5065e804267ee1e65c7530412846700eb795049a5246841780413a8ca1f0545924e5a8695beef99c48bd9c45b4aa6
SSDEEP

393216:0T4bOE6wSFS01u8rrcXs+L2DPrTdcXkQCGfv0pMz4z8GOD:sxE6JxoqDP6XkQCGH94z8v

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Nitro_Generator.zip
- Size
  
  13.2MB
- MD5
  
  2cc7900a6b98024d0da04e20d8204797
- SHA1
  
  c08d35160f4e25335a29a0f044d62eaaa930a9d4
- SHA256
  
  db5dcc80ee93b892f2558814290102e40defa7420126e2fdb15db519cb325b3d
- SHA512
  
  9ce5a38f1826fdc14c88d748c61f60f82da5065e804267ee1e65c7530412846700eb795049a5246841780413a8ca1f0545924e5a8695beef99c48bd9c45b4aa6
- SSDEEP
  
  393216:0T4bOE6wSFS01u8rrcXs+L2DPrTdcXkQCGfv0pMz4z8GOD:sxE6JxoqDP6XkQCGH94z8v
Score

1^/10
behavioral1
- Target
  
  Nitro Generator/Nitro Generator.exe
- Size
  
  13.4MB
- MD5
  
  c5093fbd4257aa956164b3ab12238641
- SHA1
  
  d7d1507a4c7a192145a1fea1d7c66d25aaa05eb6
- SHA256
  
  8766d387e4e7588fbf8b62f655a563f406f7f26c1438d8c030b0c9d39cc8f6cd
- SHA512
  
  520594bdf0a3c97280c90dc93c15eb425d5424e6d459d72d274454aaf358a910518fc92cdc20322265c031aac158c641e37500358aa560d352bb94f6c691b80a
- SSDEEP
  
  393216:8iIE7YoWPQDszf490j9c5hlERWAdZYyBrdYGm3ZqJw:17rmOszfm0JEhkWAdZB6Dpq
Score

7^/10
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral2
- Target
  
  main.pyc
- Size
  
  9KB
- MD5
  
  47c8ebbee029c0409240ab30804224e5
- SHA1
  
  42ed6f1beaaaf17ad19d4c076686c3dcfef184fc
- SHA256
  
  fb90998d36d9eced9fe17b918f2358a56f27841b217a9720511acdc1cfe0ef29
- SHA512
  
  6c7504ba25d320ec520615d104c2a821dafd14c5fbffddf6d0b5cc8016a130e8cb24784858c62c05ba072bbd640b0c02b94490936e3b4bde3a2f639ef2085e19
- SSDEEP
  
  192:SFHX6quVe2UGPmzpmN8UL3Fc5p+zA9lRKT6bbiBiVkHusQhU8G:QUU2f2pmN8YVc5k8/RKT6/iBuk5QiP
Score

3^/10
behavioral3
- Target
  
  Nitro Generator/config/config.json
- Size
  
  377B
- MD5
  
  42257f7a3e7f0101c14cc82ccab35375
- SHA1
  
  f5ac6c5ff6a0132663ed2a775b4a6c500ba61ccc
- SHA256
  
  fb9a5661d0ce9c1f714da423055c3fdf9d8cffe7a40fd2c46084beb4f8044337
- SHA512
  
  5784474153bc868d60d84161b882c8fe3330cea2b2c74fe32a6c1017d156d582b97f240d3a793caab94c6fb191dab270247d7f81814c261738915b4ed6e97c8f
Score

3^/10
behavioral4
- Target
  
  Nitro Generator/config/proxies.txt
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10
behavioral5
- Target
  
  Nitro Generator/results/hit.txt
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10
behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Maps connected drives based on registry

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6