Overview

overview

7

Static

static

3

Bin/Extens...er.exe

windows7-x64

1

Bin/Extens...er.exe

windows10-2004-x64

1

Nihon.exe

windows7-x64

1

Nihon.exe

windows10-2004-x64

7

Nihon.exe.xml

windows7-x64

1

Nihon.exe.xml

windows10-2004-x64

1

Scripts/Aimbot 3.0.js

windows7-x64

1

Scripts/Aimbot 3.0.js

windows10-2004-x64

1

Scripts/Aimbot.js

windows7-x64

1

Scripts/Aimbot.js

windows10-2004-x64

1

Scripts/CC Aimbot.js

windows7-x64

1

Scripts/CC Aimbot.js

windows10-2004-x64

1

Scripts/De... v2.js

windows7-x64

1

Scripts/De... v2.js

windows10-2004-x64

1

Scripts/De...rer.js

windows7-x64

1

Scripts/De...rer.js

windows10-2004-x64

1

Scripts/Mad City 2.js

windows7-x64

1

Scripts/Mad City 2.js

windows10-2004-x64

1

Scripts/Orca Hub.js

windows7-x64

1

Scripts/Orca Hub.js

windows10-2004-x64

1

Scripts/OxieHub.js

windows7-x64

1

Scripts/OxieHub.js

windows10-2004-x64

1

Scripts/TopKek V3.js

windows7-x64

1

Scripts/TopKek V3.js

windows10-2004-x64

1

loader.dll

windows7-x64

1

loader.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    55s
  • max time network
    53s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-04-2024 16:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nihon.exe

  • Size

    7.0MB

  • MD5

    c1710581cd3435206fe9430ca2b176ea

  • SHA1

    6639efa6e9933368498461d704b3335bc3be08e3

  • SHA256

    c22eef35c9d5facc5ec6423577419077a7305c5be195f5b8a0167ac5b62d78c3

  • SHA512

    594ac03e4bd5917333bed646d0df6d530c0bccab1e9e7062267bf4ad12ae1d87aeb9c353a415c37a1db9b4a529021ca044d0aa1654e57b6a49490c439389c40e

  • SSDEEP

    196608:ZW5nsbRNSJILeK2eENgphmY4JYuog7NC9k:ZW5nsbwqeRe0gphmYsYuog78a

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Nihon.exe
    "C:\Users\Admin\AppData\Local\Temp\Nihon.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3475a19fe54e4224a236f4f652b81ad7\WebView2Loader.dll
    Filesize

    107KB

    MD5

    0fc6f5b0b3babdf352024844d2a756d5

    SHA1

    1b58e7c0ff1d1cd83d9aed80c8d75d8bc2b163e8

    SHA256

    77a2a3097c0af6e884d2f7643dfe38094453309dd2433c33730fca10a0477411

    SHA512

    81942fe24fdb0977ffc4e19046af49cdb3cfd4660d75a4e8f5a5db399275c9641a2615bf01c94b74fed044730144b0969160a2eaccf274ee4aae6c595e5abe15

    Download Submit

  • memory/4940-10-0x0000000005F00000-0x0000000005F10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4940-1-0x0000000000A90000-0x00000000011A0000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/4940-7-0x0000000005F00000-0x0000000005F10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4940-8-0x0000000005B80000-0x0000000005B9A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/4940-9-0x0000000005C60000-0x0000000005D12000-memory.dmp

    Filesize

    712KB

    Download

  • memory/4940-0-0x0000000074530000-0x0000000074CE0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4940-11-0x0000000006010000-0x0000000006414000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4940-12-0x0000000008160000-0x0000000008168000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4940-13-0x000000000A930000-0x000000000A968000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4940-14-0x000000000A910000-0x000000000A91E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4940-15-0x0000000005F00000-0x0000000005F10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4940-16-0x0000000074530000-0x0000000074CE0000-memory.dmp

    Filesize

    7.7MB

    Download