de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0

Sharing

Copy URL Twitter E-mail

General

Target

nikkeminiloader_8S7QGAWTYxa.wg.intl.exe
Size

8.4MB
Sample

240424-cmgw1aeb79
MD5

558baff0dfd86eeb1891f4c5d5650d78
SHA1

a3ab36e65d579eab3485d115282f5f0722e047f2
SHA256

de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0
SHA512

866215075aef94dbcf6cc84c7de1c765a3aa3b95cf63d5accf94839a3ec15afae683a3ebb14fb4b0f055b10560eae66d069fa3495fc60a89babff3ebe519e2c3
SSDEEP

196608:FJE8Z06WTBBQU7rCqOhkmtgpq2YCgsUSCcIGDP1Z+E:FO8Z06WTBBFROhkugjYCgux7b5

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  nikkeminiloader_8S7QGAWTYxa.wg.intl.exe
- Size
  
  8.4MB
- MD5
  
  558baff0dfd86eeb1891f4c5d5650d78
- SHA1
  
  a3ab36e65d579eab3485d115282f5f0722e047f2
- SHA256
  
  de198448159376ac6ecf71d527aba4e364ca542e1b552cf3492c7a5d7f5442b0
- SHA512
  
  866215075aef94dbcf6cc84c7de1c765a3aa3b95cf63d5accf94839a3ec15afae683a3ebb14fb4b0f055b10560eae66d069fa3495fc60a89babff3ebe519e2c3
- SSDEEP
  
  196608:FJE8Z06WTBBQU7rCqOhkmtgpq2YCgsUSCcIGDP1Z+E:FO8Z06WTBBFROhkugjYCgux7b5
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISPlugin.dll
- Size
  
  1.0MB
- MD5
  
  7c1b00e82c60c4850fcb098d48c40410
- SHA1
  
  4430e0632c75ca4a8ef5093a70b6e82ec7d3de3f
- SHA256
  
  1b9a09720ab5f6fed43d366cdf1d314b15e29e4eeabefdc528bf4053a0c1b0ef
- SHA512
  
  8a089435e5e4291526041362d3247ab46c95d2c2669ef1530a8029b6c898e8ee23fa5af9dd43bbdb27e1c51f74ce588068611db52954dd750219169d2f7e97c8
- SSDEEP
  
  24576:MN7rmqhBdVUSpMqn2prMjE5RtqecX+UNvSgpT9FqrQyKo:Ut72lpa9TTCrQyK
Score

3^/10
behavioral3 behavioral4
- Target
  
  LogConfig.ini
- Size
  
  119B
- MD5
  
  d964fa19360cab52e1192c890f5d5c6f
- SHA1
  
  bd39d8cbe9ddf9e5601f28c53683f01ee134d22c
- SHA256
  
  dd6589e9649d503fabd58da196df3b675e377ea3059fcff83f48f162fe67ccbb
- SHA512
  
  17a5c0a012346b14a12687f16cf9c473f35722d4957c5c22e389ee7af15a8799a8f13ad7e353383bfb1b67513132839124c5ede376254c3271b5fc9bc1bfacc1
Score

1^/10
behavioral5 behavioral6
- Target
  
  Minidown.xml
- Size
  
  2KB
- MD5
  
  dcd4f47ba320ae736408d9f2d500965d
- SHA1
  
  9ce745ac482fd42100db53ad1c244d60e5abac82
- SHA256
  
  fe500bc73cbf8e07207f4c26bf43db58f10307ea9c818c80c51ed008aa59ec7e
- SHA512
  
  f4d160dc0afa1af1a78fa98a1849704d749627cd35f8be86fd487b2025a8a26f270fe5f9356f250d4fd4ff386e5487838f43ea247bf2602e36c8dab7e02c99dc
Score

1^/10
behavioral7 behavioral8
- Target
  
  bugreport.ini
- Size
  
  758B
- MD5
  
  32aa3f2f7c172e3391c3c4960f00fbf4
- SHA1
  
  fa24a54c00a2e38b634262befc57bfe29a1c4362
- SHA256
  
  b829f2ca211c275d382268925c9c361aaf390eaa8180a194c371fd98add75864
- SHA512
  
  2cb029f8edf04db5c46f314c3e214f3b971925f8dc983520ca87a5162eee74590a078d4600520b49ad8255724ef53decac8eb3ed9be8a6282fa0067820947a5c
Score

1^/10
behavioral10 behavioral9
- Target
  
  error_code.json
- Size
  
  351KB
- MD5
  
  5d03b84780b4b5d73c1e4d07a40fb2a2
- SHA1
  
  9df0051b2cbb3b6a382b65c190f54839cce0dc6b
- SHA256
  
  47649caa1ae7de1c2755ca3dce0aa003808b4f7ed383c8de7e0ea8c0c56f7d92
- SHA512
  
  64a188c6570017cbec5573e33d96ed57fbd9b0cd0dd64418227fc61cbe8a500878729d555b3eb139f12b7f3b3f1b7125a44e9c299209bd4674b281ce427c4c9d
- SSDEEP
  
  6144:5Jg3FDBBTv4epVmAXSUJhi0oGwvcyvCjclMrK32BIck:5Jg3FDBBTvbQ05Y
Score

3^/10
behavioral11 behavioral12
- Target
  
  icon.ico
- Size
  
  101KB
- MD5
  
  0937c17f72ec86b2a9602a9c040644dd
- SHA1
  
  4bc5a1516c31e94f9dab7191f8add0f09a2b8843
- SHA256
  
  aada7fb8ba88a9e40fa12a25df784b47322977c7a0e554659fb30b382eef7f0f
- SHA512
  
  5ef784e7d07ff51285ab47ace2a03d6ccf96088d248ccff19e55a941edb5412fafc4da26ac5d6fc56a64ab9db73c8d295f8e85be4c87324eabdf7b1dd0c990a7
- SSDEEP
  
  1536:CXBJJoHp38hX4fyVSzozwHPmpmX+7E3A+42xft/UmatyhBUF:CRJJgNfyVSzo+XrZ9/NaUhB8
Score

3^/10
behavioral13 behavioral14
- Target
  
  install_script.dat
- Size
  
  2KB
- MD5
  
  41521c5944eb404f6dad9716ecb1ba97
- SHA1
  
  8ef998a415bf800b848c78164b6654820738c5a5
- SHA256
  
  2d83030eabeff1ed875cd441b381344a3c04af346c7b647e847c18bd4a48c012
- SHA512
  
  6469e7adcbb7c62ddba22bc0bc824e7d00133a1212a7293828aeda8a036632ec0e1738268fe8db3d0da62f46cfc4e486d5cc210b5fdeabd069d5494f7fe2480e
Score

3^/10
behavioral15 behavioral16
- Target
  
  nikkeminiloader.exe
- Size
  
  4.8MB
- MD5
  
  6a8d00c4defd7b75ca3096819b764c23
- SHA1
  
  84188345c08078cb44097b4b415d7964c43472c5
- SHA256
  
  18fe90e301cff4e78e03e3218955ff89481a0ee90784bf759942f3cb29bb6a8f
- SHA512
  
  4c2692bf2ba1ee72fc0346960d2877acad839a6f6ead377acecdbf053e155cc2556eda5afe0fd9549b998f71a8db2526cf0690d9550e435dd543418cb449f56d
- SSDEEP
  
  98304:pML0pPSAop5/gsBGRRtFxBz8EnUdzUnAduuFYBdwsozeIS+Axr:dqm8GvwEnruFYBXozPAJ
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral17 behavioral18
- Target
  
  res.zip
- Size
  
  2.7MB
- MD5
  
  b7350caa5e05a925853adeb2470634ee
- SHA1
  
  32ca90ef90801ab74ca46eadc817d98d9ee55613
- SHA256
  
  585c503a2a1987076fccb1e79f3c5eb0746befac8a9ef123bb2d97ebe53e3f0c
- SHA512
  
  c942f2faa674fdb1a3a7c2808a494cf8f8664a44c710994c86f36e260ec368e9ff3c02cc1ee6da96228bda6ec4b5b3093a7d1dce147ce94c8183973937c59953
- SSDEEP
  
  49152:1alk9f7aU9oGCSpPjzjVEG1ucMU57rdKHZx+juhtDuTcObFBy:4lkgU9oCl7V3MS7r202gTcP
Score

1^/10
behavioral19 behavioral20
- Target
  
  browse_t_hover.png
- Size
  
  163B
- MD5
  
  d58cbe11ad1ecfcaa8834c8f68d3b02b
- SHA1
  
  6b1e7b11413b34ba7459cc47b532922c068bedea
- SHA256
  
  514df2894c8e16cb84e9612cf21a1af97290aae2254902d7c6b982102ffb70a0
- SHA512
  
  f2ca14d1e38ba5e9f4aefc9f3992b258527923e7fc468c2589888cdece7e94429fc3619bcce2996dd7019dd9ef8f50bc3b928dea7b12f244fe1cddcf1b9d61da
Score

3^/10
behavioral21 behavioral22
- Target
  
  [email protected]
- Size
  
  293B
- MD5
  
  00d74d4e86302a9ef881c24e5c90110e
- SHA1
  
  b3442b38263148064000cb02f8a8fdfe19410080
- SHA256
  
  85282d8b3dbb535982ccf66c8879327e79dc92f4d54b0dadd633add63b124fed
- SHA512
  
  43b039020abde29e23ce935dfd1bc607eb98a65cca92639f6958a0a8982f51dab9b085658c4299104bf27576b30769a9e9ef279161d16cbf208279336b7244bf
Score

3^/10
behavioral23 behavioral24
- Target
  
  browse_t_normal.png
- Size
  
  163B
- MD5
  
  8e237ec90cbe0866caa4b1c59e9aba53
- SHA1
  
  a3c2cc57f0a5618c1585a8940a5fd2202a39fd22
- SHA256
  
  53bb488c488fa35fc04883f289c9ce4f39b17230b734ffdfb52dfb9258e157d0
- SHA512
  
  943625d96fcb03340e456861f92959afa949fadd3a0c784bcbeb7d61875a120f0cef689542c49be9b133ef4baff960b6afb6e6373d96011d3def7ede0c4dc31d
Score

3^/10
behavioral25 behavioral26
- Target
  
  [email protected]
- Size
  
  293B
- MD5
  
  4f1db286206f2aa4d9ea0d73d4bbeae2
- SHA1
  
  d972ddc28dd70410f96be2409dea29dd8b25bf3d
- SHA256
  
  c62bccef49832be697e41dd409f21f2bbf02fd2678276b10c5355234f925a6e0
- SHA512
  
  d96ed972d39b7b0e4a83dfee48c7a90bab74dfb694e9142ec3e3b991eef3e6df7acf602fc0fe8b0b62ab7753cdeb766c8c1cbeaf65b03a8f956fceb385b2e755
Score

3^/10
behavioral27 behavioral28
- Target
  
  browse_t_pressed.png
- Size
  
  163B
- MD5
  
  58ef6d1170e87b94121be14f05dbfa81
- SHA1
  
  071359415e04da7b3f64b2c9e0eb7a30e9b5c351
- SHA256
  
  38467fa068dbf4431dc7f30bff5d7d44f8b355e7ef3220085cc9fce93a2bc5bc
- SHA512
  
  23d3db3c03297b12d5f8f031edf99f7e9f47b05ea45c82435fd57d62278dd3af3908a87ffe345f1c7f56d27663f53264356d83125ee3a4c97795ff5e08381bee
Score

3^/10
behavioral29 behavioral30
- Target
  
  [email protected]
- Size
  
  293B
- MD5
  
  6d2d4d14f2b477bc32a24362a19213b9
- SHA1
  
  bbfec7bc6f9a46e0d859dd37ad6d052db2bbbec9
- SHA256
  
  26c7e3e0b4be13c525bd5d16a1339398db70ca9d2a28ca08c1b51f96be0f4ed1
- SHA512
  
  0339dfa95b0a64b324a719fbfc6cc5a3bb1dd2fd30c504fad916fc05df0c459c739370a81b2f33b9e4b3984f00a77129d891a4ac9d72146442c2662a4deac46e
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates connected drives

Checks computer location settings

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32