General

  • Target

    NinjaCS_v1.3.exe

  • Size

    3.5MB

  • Sample

    240314-1y75bsgf3w

  • MD5

    dcc565d6f70566ee2f78f7dff6131fdf

  • SHA1

    08dc0ad8713fac148cbf65d8ab7125ace4690252

  • SHA256

    06dc0a4a2e8a4c02c72be5872f0df88dc3f830619a470c2ede90eef86afae5d2

  • SHA512

    0983fc136a995ac9bdc3ca43477a45f10a817d53e91152a82214a8e4394a1a1edb737df7b66ce79104fba3b9bfbb7a9d90eac3e6e9be8626690fa3c7ce0aa8c3

  • SSDEEP

    98304:Fcb+6Lsjo5fE4I1o712g2WjHYHrPdFnOLUambXnAzWpcZqrg:FcRL15EwUglj4rbO0XnXcV

Score
7/10

Targets

    • Target

      NinjaCS_v1.3.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
