de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0 | Triage

Resubmissions

21/02/2024, 18:48

240221-xfy7xsde5y 3

21/02/2024, 18:42

240221-xca1xsdh67 6

Sharing

Copy URL Twitter E-mail

General

Target

nikkeminiloader_k37IOhvpJGf.wg.intl.exe
Size

8.4MB
Sample

240221-xca1xsdh67
MD5

558baff0dfd86eeb1891f4c5d5650d78
SHA1

a3ab36e65d579eab3485d115282f5f0722e047f2
SHA256

de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0
SHA512

866215075aef94dbcf6cc84c7de1c765a3aa3b95cf63d5accf94839a3ec15afae683a3ebb14fb4b0f055b10560eae66d069fa3495fc60a89babff3ebe519e2c3
SSDEEP

196608:FJE8Z06WTBBQU7rCqOhkmtgpq2YCgsUSCcIGDP1Z+E:FO8Z06WTBBFROhkugjYCgux7b5

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  nikkeminiloader_k37IOhvpJGf.wg.intl.exe
- Size
  
  8.4MB
- MD5
  
  558baff0dfd86eeb1891f4c5d5650d78
- SHA1
  
  a3ab36e65d579eab3485d115282f5f0722e047f2
- SHA256
  
  de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0
- SHA512
  
  866215075aef94dbcf6cc84c7de1c765a3aa3b95cf63d5accf94839a3ec15afae683a3ebb14fb4b0f055b10560eae66d069fa3495fc60a89babff3ebe519e2c3
- SSDEEP
  
  196608:FJE8Z06WTBBQU7rCqOhkmtgpq2YCgsUSCcIGDP1Z+E:FO8Z06WTBBFROhkugjYCgux7b5
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISPlugin.dll
- Size
  
  1.0MB
- MD5
  
  7c1b00e82c60c4850fcb098d48c40410
- SHA1
  
  4430e0632c75ca4a8ef5093a70b6e82ec7d3de3f
- SHA256
  
  1b9a09720ab5f6fed43d366cdf1d314b15e29e4eeabefdc528bf4053a0c1b0ef
- SHA512
  
  8a089435e5e4291526041362d3247ab46c95d2c2669ef1530a8029b6c898e8ee23fa5af9dd43bbdb27e1c51f74ce588068611db52954dd750219169d2f7e97c8
- SSDEEP
  
  24576:MN7rmqhBdVUSpMqn2prMjE5RtqecX+UNvSgpT9FqrQyKo:Ut72lpa9TTCrQyK
Score

3^/10
behavioral3 behavioral4
- Target
  
  nikkeminiloader.exe
- Size
  
  4.8MB
- MD5
  
  6a8d00c4defd7b75ca3096819b764c23
- SHA1
  
  84188345c08078cb44097b4b415d7964c43472c5
- SHA256
  
  18fe90e301cff4e78e03e3218955ff89481a0ee90784bf759942f3cb29bb6a8f
- SHA512
  
  4c2692bf2ba1ee72fc0346960d2877acad839a6f6ead377acecdbf053e155cc2556eda5afe0fd9549b998f71a8db2526cf0690d9550e435dd543418cb449f56d
- SSDEEP
  
  98304:pML0pPSAop5/gsBGRRtFxBz8EnUdzUnAduuFYBdwsozeIS+Axr:dqm8GvwEnruFYBXozPAJ
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5 behavioral6
- Target
  
  tiny_dl/VersionService.exe
- Size
  
  10.3MB
- MD5
  
  4cb90e23509eb94cc59046afbf5a1279
- SHA1
  
  12be7b8a250480c56e110e76c1397fe922832a5f
- SHA256
  
  2fe55bca6aa01f60ceebc1f204741813cf268e1b6b62428b4c9ea7f2bf17a43e
- SHA512
  
  d1ebca2b6ade9119c7b5c82f99e6c6e5fa83f4212c1828a8a834d671461f7d7948618eda1fee795723cb99700534268dad5122d6ea6f7dc2990817bfa9bacad3
- SSDEEP
  
  196608:Sixg5NkeeNG7ll5GU3mwBDXbz3hQiTpBS1GEI0rj0wVtQi/iW18:nC6axVNT61Zj0k9KWS
Score

1^/10
behavioral7 behavioral8
- Target
  
  tiny_dl/VersionServiceProxy.dll
- Size
  
  1.8MB
- MD5
  
  0e9f1c5d6ad82470511234fc1a875568
- SHA1
  
  1defb2cd189779391987386f0e7851eb296a10ef
- SHA256
  
  96ece1603e2243d0640330a4e09f42fcbb4ec3e8d2d694153eb5ec7afcc8c0d1
- SHA512
  
  6f3b3e8cf55aa00806449073f9a2836e4ded1ff59639640dacac12764c413567f793346015f480998d607a630dd2a9cc06db5d6067ff883e21041daad62a77b9
- SSDEEP
  
  49152:B9J/pUW2MknzBLD1cze5G6D0WZTdX2UPki0c9GEz:B9J/pYnFLqzeg6ok
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10