General
-
Target
Nihon.exe.bin
-
Size
12.7MB
-
Sample
240522-yrd7kaed8w
-
MD5
26b058dde37aedb08da5bb55fb38570e
-
SHA1
d3bd14485f02571243540c6df24fa8fb5ac00d00
-
SHA256
5c2575405d4d2c904ae43fa36a5787999f334f531b7f1d1a43028369ba9368c6
-
SHA512
32c6c21401241b024a912c47790a716f580796822e97a2842b61067d5b0b7f916314be3a721b5901d1184cd49a608ad63bb26fdeea682d8c81e820b562d9980b
-
SSDEEP
196608:kuMJHRhINicdkxGnOICwuY+5F4XUJGPrjMxQZEPdlO+si:kRHVcdkx3ICw8IEUj5klt
Static task
static1
Behavioral task
behavioral1
Sample
Nihon.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
Nihon.exe.bin
-
Size
12.7MB
-
MD5
26b058dde37aedb08da5bb55fb38570e
-
SHA1
d3bd14485f02571243540c6df24fa8fb5ac00d00
-
SHA256
5c2575405d4d2c904ae43fa36a5787999f334f531b7f1d1a43028369ba9368c6
-
SHA512
32c6c21401241b024a912c47790a716f580796822e97a2842b61067d5b0b7f916314be3a721b5901d1184cd49a608ad63bb26fdeea682d8c81e820b562d9980b
-
SSDEEP
196608:kuMJHRhINicdkxGnOICwuY+5F4XUJGPrjMxQZEPdlO+si:kRHVcdkx3ICw8IEUj5klt
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-