Analysis

  • max time kernel
    150s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    28-05-2024 05:17

General

  • Target

    nazimod-loader.exe

  • Size

    129KB

  • MD5

    897a2ed720e3b87f9cd0dae05c1da5dc

  • SHA1

    7eae6ae004c466d9853aca4c030058e69b7818c9

  • SHA256

    255bb820e8d375b3ad33d770d6446eb2372ae53ee35bb76d430cc21d0e0540af

  • SHA512

    abf052de6d5d023d29c480a50a093e20d6a4a1aed7df9c86d347a557bb71e2e1abbae1b283e4567dc8a434a50641eff70f6ee94ab7c3ec0306ea810d2da4df0d

  • SSDEEP

    3072:NoikLA4yfTDhBUZ8BeohEelPfLnt9x2Zl1mwph+aBEbrPpg8biru:xd1TDlWl1hph+Ppg8Z

Score
1/10

Malware Config

Signatures

  • Modifies registry class (1 IoCs)
  • Suspicious behavior: EnumeratesProcesses (64 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\nazimod-loader.exe
    "C:\Users\Admin\AppData\Local\Temp\nazimod-loader.exe"
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    PID:2128
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Suspicious use of SetWindowsHookEx
    PID:1816

Network

MITRE ATT&CK Matrix
