b9740db8e39deebf5957f7572e64d399a969968307c3643337c1660c04003df0

General

Target

nikkeminiloader_official.wg.intl.exe
Size

8.4MB
Sample

240221-xpejwaeb77
MD5

51ab0163e623c18b2af0dda90a71cea5
SHA1

5759a05277e833696206550aeb1ca60a87887aea
SHA256

b9740db8e39deebf5957f7572e64d399a969968307c3643337c1660c04003df0
SHA512

9e9e8c9e3bf21621dde42bae66e569747503c6781452e57ac244421674cb5687740aa8e466de60ce1a4bbe56cd19e3525d372ac6d68cf923805887037ba4d849
SSDEEP

196608:OjSrjBZ9BH7XH522IAcJ9xAjBeThteDh1ZvYg:tXnXM2vzteTaf

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  nikkeminiloader_official.wg.intl.exe
- Size
  
  8.4MB
- MD5
  
  51ab0163e623c18b2af0dda90a71cea5
- SHA1
  
  5759a05277e833696206550aeb1ca60a87887aea
- SHA256
  
  b9740db8e39deebf5957f7572e64d399a969968307c3643337c1660c04003df0
- SHA512
  
  9e9e8c9e3bf21621dde42bae66e569747503c6781452e57ac244421674cb5687740aa8e466de60ce1a4bbe56cd19e3525d372ac6d68cf923805887037ba4d849
- SSDEEP
  
  196608:OjSrjBZ9BH7XH522IAcJ9xAjBeThteDh1ZvYg:tXnXM2vzteTaf
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  $PLUGINSDIR/NSISPlugin.dll
- Size
  
  1.0MB
- MD5
  
  7c1b00e82c60c4850fcb098d48c40410
- SHA1
  
  4430e0632c75ca4a8ef5093a70b6e82ec7d3de3f
- SHA256
  
  1b9a09720ab5f6fed43d366cdf1d314b15e29e4eeabefdc528bf4053a0c1b0ef
- SHA512
  
  8a089435e5e4291526041362d3247ab46c95d2c2669ef1530a8029b6c898e8ee23fa5af9dd43bbdb27e1c51f74ce588068611db52954dd750219169d2f7e97c8
- SSDEEP
  
  24576:MN7rmqhBdVUSpMqn2prMjE5RtqecX+UNvSgpT9FqrQyKo:Ut72lpa9TTCrQyK
Score

3^/10
behavioral2
- Target
  
  nikkeminiloader.exe
- Size
  
  5.1MB
- MD5
  
  c8d777437893e8f145fe9352e8d89082
- SHA1
  
  7169a9d37891f8e94cd2c8d3a3e801242553c439
- SHA256
  
  dbc12823a522fd9aa46f78d48ab03d08183895b02d3516d8a10419e4c5cdba98
- SHA512
  
  d2374690b9ea2e41ea264ed042d99ee60cb0561bbb5378e89dbeb2a3a647995f82ab5ab8473d40eafba65521c97e511f8d69a1b1c790c107eacdf3295703ebf8
- SSDEEP
  
  98304:JcLsuPSAop5/4URGRJtFxBr8EnUdDU+AkDuFYBVwsozN0LmSAx:8q+kGXYEnkuFYBvozCA
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3
- Target
  
  tiny_dl/VersionService.exe
- Size
  
  10.3MB
- MD5
  
  271e2e5c6185fff516ad3629c08bc27a
- SHA1
  
  a135b914d33c034a28ad0ae9c0ff8269e9fc3e44
- SHA256
  
  d6ac4c29dd2cf74a464bad71e4f60e5ceef5e0415ab2d35cc4a23241a7a5a352
- SHA512
  
  b250aad5cd4c06bf07c0e13b141b26c52f0dc247b7fe7ed7c00b8825b85e97c456ef421e7d5000341a8a9b615aa1c60f83d121d9d6b7bd9134db1f4a0524ba69
- SSDEEP
  
  196608:wixg5NkeeNG7ll5GU3mwBDXbz3hQiTpBS1GEI0rj0wVtQi/iW1z:RC6axVNT61Zj0k9KWB
Score

1^/10
behavioral4
- Target
  
  tiny_dl/VersionServiceProxy.dll
- Size
  
  1.8MB
- MD5
  
  ae7478a5aab9a2a063964e7950b62661
- SHA1
  
  e1034e534ae8d8097c9010f42fcece156dbe13e9
- SHA256
  
  dd0c142b4f70440e2f171f8b731e368f38f13d2bd171a9532581108a427cffc5
- SHA512
  
  9af5dbabaef63a7253dc18483a4a98d5fda088e1738376fbf4708652aee3eedf41c47c3b4728ac1f739bb21cec7e70b9d66a46c96eb08d7ec0929d3cbea824c9
- SSDEEP
  
  49152:S9J/pUW2MknzBLD1cze5G6D0WZTdX2UPki0c9GEl:S9J/pYnFLqzeg6oa
Score

3^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates connected drives

Checks computer location settings

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5