Overview

overview

3

Static

static

1

_collections_abc.pyc

windows10-2004-x64

3

_weakrefset.pyc

windows10-2004-x64

3

abc.pyc

windows10-2004-x64

3

codecs.pyc

windows10-2004-x64

3

collection...__.pyc

windows10-2004-x64

3

collections/abc.pyc

windows10-2004-x64

3

copyreg.pyc

windows10-2004-x64

3

encodings/...__.pyc

windows10-2004-x64

3

encodings/aliases.pyc

windows10-2004-x64

3

encodings/ascii.pyc

windows10-2004-x64

3

encodings/...ec.pyc

windows10-2004-x64

3

encodings/big5.pyc

windows10-2004-x64

3

encodings/...cs.pyc

windows10-2004-x64

3

encodings/...ec.pyc

windows10-2004-x64

3

encodings/charmap.pyc

windows10-2004-x64

3

encodings/cp037.pyc

windows10-2004-x64

3

encodings/cp1006.pyc

windows10-2004-x64

3

encodings/cp1026.pyc

windows10-2004-x64

3

encodings/cp1125.pyc

windows10-2004-x64

3

encodings/cp1140.pyc

windows10-2004-x64

3

encodings/cp1250.pyc

windows10-2004-x64

3

encodings/cp1251.pyc

windows10-2004-x64

3

encodings/cp1252.pyc

windows10-2004-x64

3

encodings/cp1253.pyc

windows10-2004-x64

3

encodings/cp1254.pyc

windows10-2004-x64

3

encodings/cp1255.pyc

windows10-2004-x64

3

encodings/cp1256.pyc

windows10-2004-x64

3

encodings/cp1257.pyc

windows10-2004-x64

3

Nexx Priva...in.pkg

windows10-2004-x64

3

Nexx Priva...n.html

windows10-2004-x64

1

Nexx Priva...ain.py

windows10-2004-x64

3

Nexx Priva...un.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nexx_Private_V2_2.zip

  • Size

    6.5MB

  • Sample

    240326-ynvedadh4w

  • MD5

    7155fa3db9d07eeb1b2141a6f25ac44c

  • SHA1

    0c0d723d6d10ce4f728531cc9cb141ff9721647c

  • SHA256

    208673224933c0afac03ed353d00261e836d96395eef6f4910770c5e471333ec

  • SHA512

    a3b04e051604846d531a129cb5ad0e9f57293df8f20224ab788d2bf412ead20a3686944f4341aee32b122026c9a313443c718039e3c26d90a067a59f95e08e12

  • SSDEEP

    98304:q6kEOYZN4NtfSwuotEf/S/aI/Nlfj4bSy/vrZll9+mROFC00vVObuIkFa:q5i8fkHHSSola5ZlpUFCpvAbu5Fa

Score
3/10

Malware Config

Targets

    • Target

      _collections_abc.pyc

    • Size

      32KB

    • MD5

      f0f46b6f2ad26f03600d399287d2e402

    • SHA1

      a610c39653599f669b487cff467cf48eed1f6e81

    • SHA256

      4c28bda163b74cae9eb42ce5c0d730aa61df532986bdcaca268d98abbd867750

    • SHA512

      255558ff8a208813194b59f81310bb10fec579da0714063a1fcc5edddfa97f592d2727b4e50e28f4ed9c3b9062192656726e83a59589bc0c6bc7c8ac110446af

    • SSDEEP

      768:PpDSJBiWAf7ykrfxLKims18gYYeruAEfClot:NWkWBk7xLKimsugYJuAqgg

    Score
    3/10
    behavioral1

    • Target

      _weakrefset.pyc

    • Size

      7KB

    • MD5

      1d2e7b3f64f73eebd5dba286acb3d558

    • SHA1

      986d6f1d51bd54d1d2896598f21e6df9e9f3e7c1

    • SHA256

      5f7135255973d195ec7374b7b3153fc5e39cedfc57c688bb91837ae13da7a1e4

    • SHA512

      5859425504fee526a03d54ce499cea004fb8b110d0ec33447ebeda244213daf567d9eddb59d7937cd85b316ff26f94d71d8186715b0d54b60e38581c5b183982

    • SSDEEP

      192:tf0NKYNJiLFeqeJHOHlGbakhujJRrms8N3vQ0aj1mvhCAjk2+QnLIP7F1qGDnJlL:lAvNsLEqeJOFOakhkJRrms8N3vQ0aj1z

    Score
    3/10
    behavioral2

    • Target

      abc.pyc

    • Size

      6KB

    • MD5

      15ac4e24cc9dc44f7763a2d4378a45a4

    • SHA1

      0db70690ee85b1dda64351095462a05afefab105

    • SHA256

      52ad89f1bd913d767fd84e819b7e6ee16a4711629620105342792a403047713e

    • SHA512

      50002866fc6f8602213f3685ac448e3595f5e83f737f0e1251f0bdd904cece5d3b6612ab10b7355ecc7966da66f3c40dd6818588a484fbada5a3d5bae1d05b80

    • SSDEEP

      192:gg2+dPAos8UySnUlKs1p2yjRiDsegl9o2UeooawoXLk5ebJUlo:/2+dPC8N3bigYxXLk5eCo

    Score
    3/10
    behavioral3

    • Target

      codecs.pyc

    • Size

      32KB

    • MD5

      4aa91c138c40118764c9e893ad53891c

    • SHA1

      12c1029c0f16655192c72ce97ad6c68f7eb8338d

    • SHA256

      83a8d6ff0b595043761a6dffaa3cdc5470bae959c7cfa3066276fdc65eaf6d4d

    • SHA512

      7e0751350b1f2fe55cadb19dcef99b5f1679c5858e491fdec34b00e21a90ff96c2d53b5ee3c887eff3be23f9e5ba93236f5e2b3e84205258893c210d69e0c539

    • SSDEEP

      768:uU/N41w3bo0YqcZCYEg7oUroGXmSg1ZxnK4THeleyy8I:uBPs+Xg1ZxK4THeleyZI

    Score
    3/10
    behavioral4

    • Target

      collections/__init__.pyc

    • Size

      47KB

    • MD5

      81a6509c7c8a60ed2c96fd91b14c9352

    • SHA1

      a8254abe12546f38916b6248738d7abbeec09794

    • SHA256

      95c36b884b957f591b4b725f2c4056a3024ac42f26e3d9feec300f2b233d3e27

    • SHA512

      5451c8cc6caaab1b062121c694c11e5b53bef86d1a57d61f80198755a48b77c5235ccc3df04d66663fabb2df0b78c6153e9526534f4856957262f711ceae16ed

    • SSDEEP

      768:vxh29yquFGpSGtsGe3yDRBPou+eQ5It8AbGm79WxSNj4QHUzmVaSTqKoJodQ5vUv:T291uGpS13yDRBPoJIt8AbGm79WENsQ9

    Score
    3/10
    behavioral5

    • Target

      collections/abc.pyc

    • Size

      218B

    • MD5

      a17254bb48980ade90f84d569e0cbc92

    • SHA1

      530e5fcd010cca814c37a32db604bc4efbf0f2e7

    • SHA256

      16ba4900c8cc21b1c20ecf6833a88c43dacfae9b47e8f4354859a3ecaa8585a4

    • SHA512

      49c85f1ab7ca5a8b1245b16622d6c897abc096a6493931dd40fdc5b6c1137f7ebfa14999899e94e8a42b473b855ab3c3c23f3d08a6c4b9cd5971a090caea8f6b

    Score
    3/10
    behavioral6

    • Target

      copyreg.pyc

    • Size

      4KB

    • MD5

      b54fec5902723a06d1734bc502b947b4

    • SHA1

      a63a70b5acfc7abcdaf970cc2a43326b5bff4884

    • SHA256

      479d7c95fa69e75116262ae58df374a362843c35cbd1622aa1400509e57eb3dc

    • SHA512

      2e6fb7d27ba4da9a897399abe5b198c776b9f67bfea2047d0da27e6b1ab742df3cfcdacd6a6b3d212f4a3113bc74952f532d9484739c545bac87875ca0e12370

    • SSDEEP

      96:ApCI7QMLHI9jOeSVEZXaruKxbbJJdbTKqvesaCWfqmov2LYHjmTw92qH3TA/CZZ:mvHGvGdruKpbRu4e2WfhhLYHjmTsH3T/

    Score
    3/10
    behavioral7

    • Target

      encodings/__init__.pyc

    • Size

      3KB

    • MD5

      b7166a175f8e6b8b05ba5e2d74db4112

    • SHA1

      770f4394f17b46ce0a09274c9a71afeba67f4257

    • SHA256

      22407a414f2d7bf530fe5d1c9adcf2df786c130250307af3fd58fb773ee6fb21

    • SHA512

      549a203066f1f0e50a0e45053ffb8883c4e8d4646f53c1869efe5b8fd8635d3d050f722b456ed17c749517f27d4db3698618b97b187a04ed9515cfaf19af7606

    Score
    3/10
    behavioral8

    • Target

      encodings/aliases.pyc

    • Size

      10KB

    • MD5

      6ed637d8773035426243f1142c5c80bd

    • SHA1

      c2df5a52606d14bd322fd12e8b1eea9b8e31d0af

    • SHA256

      2706fe0ba3620d9d2cc342c94e02e06f196f1d16436d0f1091237d6d4bebf30f

    • SHA512

      47cde7148ae33d0eef6a5b94b2265762fd3c62e29640ee6f45cc23a488e5872f600a311f68bde541b0383b5223a9480983cec57a6680fd59533902260f739f95

    • SSDEEP

      192:GX2eNkBweGfGkueK4+I14Xqb36RhOgaxL8PZm+/Qnu1iXFzxOkq4bpehh3qkyR0N:GXG0bueBU6uHc+Izx9IX6Ri

    Score
    3/10
    behavioral9

    • Target

      encodings/ascii.pyc

    • Size

      1KB

    • MD5

      5b9186df4a5ad6247c4579654fbc3a0f

    • SHA1

      8df3c98c1b9245cf725d4cfda4d4b5eff02befb4

    • SHA256

      a260af800dd9a77a6fb7dccbff41cc6922f21f7f955045b52d99659246935d5d

    • SHA512

      aa051f09acd8ef07cf0e0471faf257ad84ce0d04c07ef6f0f313c09516ea93ddc18c9405b78908a86c6a3f31fa39e528af8308ccccea6bf7e4ec701e818bbfb4

    Score
    3/10
    behavioral10

    • Target

      encodings/base64_codec.pyc

    • Size

      2KB

    • MD5

      9be24d15d41fa5fba1c8e7c880e8a21a

    • SHA1

      55a2df810f08bc78e69677d9ecb86011c3f49b45

    • SHA256

      5bf789a9d266b1efe934b3f72ac8d4918d3f230b8be5a75448c121de94e7dd28

    • SHA512

      8e4a319db078049e696c2a8d2a19a5076f043cac2fbc7dddccfdc93e6a93a2c620b8c0d78dd23d10b236a4e11a2b7ca2cf4d669d0bdeec63266593b102c5cd6c

    Score
    3/10
    behavioral11

    • Target

      encodings/big5.pyc

    • Size

      1KB

    • MD5

      30dd3023824783afa5783270240af633

    • SHA1

      bca37f76d3a98539e31bfb14de232895d5749979

    • SHA256

      9ba263ce55ad578a24b415b92ea6a40c535107910b569a3b0eb3800838f529a8

    • SHA512

      361c23253d6bd4e132401201cc42917b7ad4e18ea0002e77d23403df7b9ad331300fb1b9cf7ae5b9b977100de19a9c7835bc5d6c3c1192cc84e98ad59b887880

    Score
    3/10
    behavioral12

    • Target

      encodings/big5hkscs.pyc

    • Size

      1KB

    • MD5

      858c2aed1b411db7f240127f465907be

    • SHA1

      cf54bc905de4425f38531ea1abd15e624946f9c9

    • SHA256

      91a65aa014bed7de528559afea50b1d31fa03df301144ae9cf3a062be7cf7dbd

    • SHA512

      98e10efc0594f9066d43323b339cdd7402ada87ff8e1bfa723351f19dd600a13b98151db0a947f3d1e0994cd99f92cd5e4570ff1c4c64000006d8a1047686224

    Score
    3/10
    behavioral13

    • Target

      encodings/bz2_codec.pyc

    • Size

      2KB

    • MD5

      df92025a794678fcbde84921de6d47d9

    • SHA1

      518e314be1fd311557cd5d7102c3a723f8a70230

    • SHA256

      8f3d12df9c806a0f8b15200ad7200ddc32cd01b993c5b5b01ecbb1ec6e3c2415

    • SHA512

      32ce1784ca9d1f377f29b561ce4fca8e5ab926a595fdf33eb493db65091d1677d814c56faeb5e957f9ab5b141ccd0a3139028362f3713e32471ff21cecc50627

    Score
    3/10
    behavioral14

    • Target

      encodings/charmap.pyc

    • Size

      2KB

    • MD5

      51b1c9f8790a32f75171200a22da11c6

    • SHA1

      d60e02d557c05ee68636534b480da1bad1b030ec

    • SHA256

      3e6437462d09fd58d7df10053a9023dffb1a959ab92ca7b5b437b7dc7f2c1f40

    • SHA512

      32a1cff7df6f13aabd5516e1c50cdf2f59c0e49413b5582666decf5d1c66d92d9adc68a0c79a7114dec26b92f35b4aaaea9c18496cea5cf1b4d1ccb5bd4ac497

    Score
    3/10
    behavioral15

    • Target

      encodings/cp037.pyc

    • Size

      2KB

    • MD5

      18c3f16fb9f01b1bcbe1d6b51dbbff0a

    • SHA1

      7486640d339d9887e430c7d8ef9d2491aa68ac17

    • SHA256

      e2758ee34b008d8370588904f4bd4f62bdbca50d6522e13ba397c8834d228d8e

    • SHA512

      4809d98f36a92c7c1b50f0afb5cff2f66809c6b5aebe44f6a28406582fc71891d49de7794551ffcc8daddb4a627c2bf4a59a40176c10dbd9e64688e026cf3ab1

    Score
    3/10
    behavioral16

    • Target

      encodings/cp1006.pyc

    • Size

      2KB

    • MD5

      3d4e647ce37785acb94389d4128a3d9e

    • SHA1

      7239dc87e9347e2157e5a15a8baf93b8ec7af069

    • SHA256

      25375381dbcdeba66be938a2d93b464776508131d00775000f418c6322b071ed

    • SHA512

      77719afa671b4fd3de800e06be9b5cdb50eaa18f4567fbbfd62539ffa9d167c0ed21b6410e5572a7310103cba254c3049f57fcff45f46c6e4479a3cb2038185e

    Score
    3/10
    behavioral17

    • Target

      encodings/cp1026.pyc

    • Size

      2KB

    • MD5

      b89a202874001fa7f6f5048eb016e48c

    • SHA1

      563aac9887bdc50b75abece86782927263f0fbcc

    • SHA256

      2a07f03ca16dd3c982e0c07b13986f49c49c36f5fa6e561d7a8e24d2d078adb3

    • SHA512

      c47e0013d318f813ebee264119836bb5c05114f1785431d8128faea1f86543cf37ca9bf43977d8fd18b85e392cf89be53768f7a657001c3e4d7066218288b556

    Score
    3/10
    behavioral18

    • Target

      encodings/cp1125.pyc

    • Size

      9KB

    • MD5

      fcdd71625123f8d976019a0e5737f22b

    • SHA1

      d1ce471ea8264ee60c44401817bc06cdc7192eff

    • SHA256

      e647ab4454786c46a06dae4416b4df675155297a4d4e4a8d17cd8c0742d05923

    • SHA512

      a89ab4cc93fd200a273f75c90d772e5f83775e45a8589d3bf5c04d484e9f7650c27e88102ce62bf6fea99b18332c12576bb3d81225a1ff24a9964b2d86a7db7f

    • SSDEEP

      192:yHU3FTrf1u/FBSMPG59oWeH7bGZUFhUQEnXRJQ/vq5Tbf1M3SrY21:yA8tBSMPG59LiQcyQh/6TbdMd21

    Score
    3/10
    behavioral19

    • Target

      encodings/cp1140.pyc

    • Size

      2KB

    • MD5

      501076011a36d07aaf8d7ca1bcf25160

    • SHA1

      98a1291e05d1d86a0f787b3cc3c631a40112f356

    • SHA256

      3118a5094dcc74ff9ccbb49a7f297d4a63ec2bf9b20957bfec480f25dd7f96f5

    • SHA512

      2d40bb24f1b7cd2c03ecc7156335bcb99209cb6ca15982030b796ff659726bc248487bff0f6846b8c27f6bef8e6da32fd955ae1e973877eb9c76f72f4240e8ad

    Score
    3/10
    behavioral20

    • Target

      encodings/cp1250.pyc

    • Size

      2KB

    • MD5

      a1bcf77860d98156a7df13536ad0b70d

    • SHA1

      481a396d8f755881ba32ab64a9914ebd158145b1

    • SHA256

      761f33872d2c5b76e1213c7bd670959e9233f14447779d448d5ca735c7b46d37

    • SHA512

      58bb651a4461249398f8c3968af2df9f72a34bf0f5ca7724538ff272427e5d5a6a2081b1290aa5d9dd3eaf3dfeb0af7060f3bca9609f25986a23f911d0a77869

    Score
    3/10
    behavioral21

    • Target

      encodings/cp1251.pyc

    • Size

      2KB

    • MD5

      cd2c2d136144aca5e1583f55357fe5a5

    • SHA1

      7640e82e6ee40d716e8e77035b3ab2605bce5f68

    • SHA256

      37bd76a0da528c1006b2a3f12d0ca04d92e5d78294190a3263adcd8d9bac6bb9

    • SHA512

      e41d243103f360c39501d0aff12f031c1c0449536510949e0f55ef6e262e9a8a69766198de70f90e65901e7821a9f15cf104080644bb73cbef3c69c062813d7d

    Score
    3/10
    behavioral22

    • Target

      encodings/cp1252.pyc

    • Size

      2KB

    • MD5

      3e0dc581fe82c9630d9e93480be33db4

    • SHA1

      ed68383de363a904672a57c652221a45a3f700c5

    • SHA256

      f34fe276ad857bc2cb7b17c21ac8c63721d0f2b80bcb9e4cb192812e9f90c19d

    • SHA512

      4bdd501382c87dc8ee2200cab5eb46f2c8ac30ae8aed0bf5fb08b5db13a086f1c0a20bbff276a0cc441ec89f69ce104657dfd411081046cbb7550b02c5e36aa4

    Score
    3/10
    behavioral23

    • Target

      encodings/cp1253.pyc

    • Size

      2KB

    • MD5

      3e936f01183c421c7b0ed0187e11ee75

    • SHA1

      e1d11c7dc721ca3031187786f29be5cac3abb76d

    • SHA256

      530a7b0e73d9cc39f1b6cb810a4497ddbb4ca862dfb283bf3d03cc584eb5d087

    • SHA512

      cf759228d039465428f33958fa5c59cac1016358664e52bda1ad047f08ea8ca6e9e66e73bd0935b96752fee336f7649ddfcb01af588e97f933fc8ec8be158eb1

    Score
    3/10
    behavioral24

    • Target

      encodings/cp1254.pyc

    • Size

      2KB

    • MD5

      3de93bcfbc8ff7b3554f1e2a0d584f34

    • SHA1

      dada91218d7a53c52023e1771171dc3d55be1c75

    • SHA256

      1df080ce6be1230dca229b061dc486966ce367dea404a53c2fc33c597c30f556

    • SHA512

      26779efe48bcfcb28a95062690ed454ce2775777b32566cbbc683e3200b8899275ffe654650233abf24912c9310f2ba837d94778c42554328e86a16ee3285908

    Score
    3/10
    behavioral25

    • Target

      encodings/cp1255.pyc

    • Size

      2KB

    • MD5

      0b199ebf6589bbe02221f0cd16ca5fdf

    • SHA1

      787acd1c1c5266a7de723026cb135d937cfef45d

    • SHA256

      2abf72aec03a50856ce114bbb62a5c7ccba958707af806bb479675c8f8457385

    • SHA512

      187a7219f2d44bf58fedf2dcb34ed9b27b47cfe234d454125991235a14660ee7ccbd85344110f0f24341d62eaf118144f6902e836ef8972b7665b1a8a18ad4d2

    Score
    3/10
    behavioral26

    • Target

      encodings/cp1256.pyc

    • Size

      2KB

    • MD5

      c53da51f61b1d18e680a054d59742382

    • SHA1

      9c886a305aeec86ae81722dbd61d783f0f471c46

    • SHA256

      9e23849e1cd17d803a34eac2fcd96d0459b10c4ffd69bd19c80f8ed0168f0bf3

    • SHA512

      1ba1fa2541dd2a6edca6d1a8e38ad0d0853ecbffd1c13091706320ef1c92964cf31b0a429164b4fb0e410451886b5859709b7a546128806935031933b9adca99

    Score
    3/10
    behavioral27

    • Target

      encodings/cp1257.pyc

    • Size

      2KB

    • MD5

      093eefc131edcb65186234f3f7a2db65

    • SHA1

      9a61dce6ee0063837ce63a698d7dcb13832e39b4

    • SHA256

      70624507a1447e9e556299c5ce250900f45684a8d757493a9e0fd44b8d22fb07

    • SHA512

      8b72d565e5f9bfa503f60684ef66d96e391b92ed2f61c4a0d1d25fe9abcf2642a3699434b59c1995fe2d8fe925a8c28d2cfcc10e1c547193ef3ed8548b1f8d93

    Score
    3/10
    behavioral28

    • Target

      Nexx Private V2/build/main/main.pkg

    • Size

      4.9MB

    • MD5

      93f11d8c3c4a326b164a28f74a225217

    • SHA1

      0c43283b5f37193226d07b74144fb3919c5d88f9

    • SHA256

      a667ebf5ca3e2464603d14175c01a158bfcdb2c814cf37ef730111a268ea7b10

    • SHA512

      b6efc1f87b10de36c64b7e03299154d6b59228c8d4de42558e657320920bb25aadb48c51496d3fc819a5fe0699f0443628ea5e1cb42c7fe16eca0f52ffb1d0d3

    • SSDEEP

      98304:F3epzb71QGQCPDbZfHayCb7BJ5mjwNwwMeZYobSr+RO1y2JL:FsdQmRfaycBIGpEog1yqL

    Score
    3/10
    behavioral29

    • Target

      Nexx Private V2/build/main/xref-main.html

    • Size

      262KB

    • MD5

      6ec5091b306d7336a2ab46938c2a061b

    • SHA1

      4da2fd4bfe2ccb3087aa171d0e549932440c3d37

    • SHA256

      4bc5b099780cdc47b012d73b057dbe336db6f3fa4166ea441b1c0cd63ff0d404

    • SHA512

      19784b9b32a8a369ca93a5b1c9087f9edc1124f87ce69107a024e9cebe8be6e5457edd01370aff4a9672be400bf37342a78bd8af5acc34c271cc79bf6d9e5846

    • SSDEEP

      6144:F2paTm242MHHWKpAGAXVYovFLRtgvpTSxr/0QYWCfDvAFNTQrzgYqhGaUT3aEfIK:MpKxmrpip3pDIo0

    Score
    1/10
    behavioral30

    • Target

      Nexx Private V2/main.py

    • Size

      2KB

    • MD5

      e36ea2e0e6cb7ff65b509026f0f25dd2

    • SHA1

      c4f72d881a13e718e6bce36fc84981d3021ff021

    • SHA256

      5d5b2c416734573a8f80b825fd859a1fc5e60c2de13e63a47e88d2afa2868577

    • SHA512

      cff604c6b43e994710e4f95a169bd6b1cab7e284948e5ba388ff4929d4c92c26d0a9cd3e70485e655395900d8c9f03c64ab7bd1833deb29985ce8edb243c0cd7

    Score
    3/10
    behavioral31

    • Target

      Nexx Private V2/run.bat

    • Size

      32B

    • MD5

      40705d9209de65fe7d433d1fc9c8882a

    • SHA1

      28f51e9958031c90a0cc1c24ab0c75b3bfcd83b9

    • SHA256

      e998f40ef073abcea6729b68c563e3988426b3c8586e83160c408cdf103c72be

    • SHA512

      f8e6fff4abb0995146b61d61ef19f8fff9897e3e442ee557a2569a5ca245a91836be55244fa5d2fe55e7b4fae2da2f05aab1892281bc95e1d545594115760149

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks