Overview

overview

7

Static

static

3

GANG-Nuker.zip

windows10-2004-x64

1

GANG-Nuker/GANG.exe

windows10-2004-x64

7

GANG.pyc

windows10-2004-x64

3

GANG-Nuker...nt.txt

windows10-2004-x64

1

GANG-Nuker...NG.png

windows10-2004-x64

3

GANG-Nuker...ker.py

windows10-2004-x64

3

GANG-Nuker...gin.py

windows10-2004-x64

3

GANG-Nuker...ter.py

windows10-2004-x64

3

GANG-Nuker...ber.py

windows10-2004-x64

3

GANG-Nuker...kup.py

windows10-2004-x64

3

GANG-Nuker...nfo.py

windows10-2004-x64

3

GANG-Nuker...ore.py

windows10-2004-x64

3

GANG-Nuker...mon.py

windows10-2004-x64

3

GANG-Nuker...rys.py

windows10-2004-x64

3

GANG-Nuker...ate.py

windows10-2004-x64

3

GANG-Nuker...ersion

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    GANG-Nuker.zip

  • Size

    119.6MB

  • Sample

    240528-r7rz2aae74

  • MD5

    e603ebe3f649129748e6f42292d29d42

  • SHA1

    23362f52a8ae9c79cebcf6bd0e8d5e3b992537a5

  • SHA256

    502b2bfc63c501480abe0209a1ad8889fba1903571d92da7b57990e2eee8b672

  • SHA512

    a2e6630d318b5e93c2adcc4bfb43b5a1a909adc882b04dc83927a3a04e4481ebd22c62ffaee8e71ba98293afe257fc2a59bce984068b22158099124c12269c64

  • SSDEEP

    3145728:3vcJgb/VIeZ0t5btsyY+o3vElePzIOTohqTY4sE3vjn26ib/:fdb/V1856v3s2sPBwLn26ib/

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      GANG-Nuker.zip

    • Size

      119.6MB

    • MD5

      e603ebe3f649129748e6f42292d29d42

    • SHA1

      23362f52a8ae9c79cebcf6bd0e8d5e3b992537a5

    • SHA256

      502b2bfc63c501480abe0209a1ad8889fba1903571d92da7b57990e2eee8b672

    • SHA512

      a2e6630d318b5e93c2adcc4bfb43b5a1a909adc882b04dc83927a3a04e4481ebd22c62ffaee8e71ba98293afe257fc2a59bce984068b22158099124c12269c64

    • SSDEEP

      3145728:3vcJgb/VIeZ0t5btsyY+o3vElePzIOTohqTY4sE3vjn26ib/:fdb/V1856v3s2sPBwLn26ib/

    Score
    1/10
    behavioral1

    • Target

      GANG-Nuker/GANG.exe

    • Size

      120.3MB

    • MD5

      715013fb4fd49928e4d06441af90cd6a

    • SHA1

      577048f59e756d16594f687bbe30c619033ef898

    • SHA256

      2f44de5a3a84543ecc843d0e1af4770e1b7c7417e431c3d6b6ad011e50d30644

    • SHA512

      743b42f7d178edd74ceb750b0076c0579ff3a48f1db209a2a7bbac7721a7fb1b9c7c0794439fa2dd7eead48736160943d57197a4acd05eb4555f2c3fe3c3f326

    • SSDEEP

      3145728:9ZWYDtBQgwothCWoMI13jKDKVaTZKIWFZKIv7Ma0pHTUJwUa:6+tePYIW6uDUn4ha0dgJwUa

    Score
    7/10

    • Loads dropped DLL

    behavioral2

    • Target

      GANG.pyc

    • Size

      39KB

    • MD5

      599306b7e7159b076399086c81519b3b

    • SHA1

      d7b3050bc6fed6252750d06cccb0798d9799fc53

    • SHA256

      95001b9b93a183bce1741be0eb526f25853be5d086120197f7715aa135a1e79c

    • SHA512

      eb43339a2ef686d1f2829c29b837dfd2cfa10aeaf38568e21c63408d88dcf2a12d6854559cd9f91e758bb188fe79cd554123d9074232126de34c6ec1f182ebde

    • SSDEEP

      768:0LyvlkA8e+W9p+Qbjv2DArJBg8FG8mpbdCrBNMunTrjZ+N1qPDOk:0Ly1Vrv2D84UnycFyunjZ+N1qSk

    Score
    3/10
    behavioral3

    • Target

      GANG-Nuker/data/useragent.txt

    • Size

      107KB

    • MD5

      87611a383aad3f9339fc180c5a28ca6e

    • SHA1

      d875860243886421f2f156a1e9cd320b89abde86

    • SHA256

      c509a66661a5da1ec3c46730a93ecc6fc0352a5ebd94662f0b2239c073909bfd

    • SHA512

      e61839e4bbec81b73ce0f556cc4ecc93f8989773e663d38cd9608ee97cf52268b1d66080fc2f0218a3e76671d0ab346eb804ff920d4e37dcc0d4bdfd800c39e0

    • SSDEEP

      384:6Vyfd3K85+0RGDv8Vw9NF2OJb8d+45kyypFsxKA5tapSfVr+iPLTfrlbFHDz:jlQ0mw75gpFIjfr9Fjz

    Score
    1/10
    behavioral4

    • Target

      GANG-Nuker/utilities/Avatars/GANG.png

    • Size

      292KB

    • MD5

      c8f94d22ce486c07a1fe48050f0949ec

    • SHA1

      647d0327c7af7428167650060671e2ecba5f1ed5

    • SHA256

      f7a931ef99512e0e4c4059295b356d2878c79549199aa6b5f4eae8d52dc5151f

    • SHA512

      742a7b4b0e98e7c7b5e6184e2aac59195b7449e524be2b341575bc464f3bc5daadb4c3c58f825c6d88eadda911857400e1910701691dac236f7d8f2e7f490bae

    • SSDEEP

      6144:Kx0mNIkEhwsZpttn9UiZzmczxR2Ur2bWXbLAH/A8OVT:KxzNlqwktt9bmczPKbWXbr

    Score
    3/10
    behavioral5

    • Target

      GANG-Nuker/utilities/Plugins/Account_Nuker.py

    • Size

      5KB

    • MD5

      c1e94efccc970a642d468a719017cae8

    • SHA1

      94fcb3b6084b1aa7c311ba434e9e6a3dcbbdf9d2

    • SHA256

      22048ee9d20120554b817d6292caeee2336604270f3d7f84947e4db4ea4fdcad

    • SHA512

      83dc3c12fba8700d17130f36ca7b6190a5787234666e6a0bd1eec23f46fde47c07bc9734dd6c16518f2ef953e0f30b064c169d23071ddcca8832a7580e5c2372

    • SSDEEP

      96:odBu4DmDrZ+0m3VAtqk3nNmgXhTh+RUNRQyIFgO+:CBu4D49bGAd9DRQdFu

    Score
    3/10
    behavioral6

    • Target

      GANG-Nuker/utilities/Plugins/Auto_Login.py

    • Size

      2KB

    • MD5

      5f1e03d33dc4f2c1d78a0109c5778550

    • SHA1

      a6f44af43b5a45938fa77aba6414b476d6813023

    • SHA256

      e9a3d79a5c3216e169a1451c6e899085940f72f94fe263ecd3a9739f4c650b1f

    • SHA512

      316b33dee5fb95c999589f1b7f3319f64a6b4d17fc03f3b731cbecd15b6165894a6a61038c98856f467400769223255625ba6781749d175235b180a923e232d1

    Score
    3/10
    behavioral7

    • Target

      GANG-Nuker/utilities/Plugins/DM_Deleter.py

    • Size

      688B

    • MD5

      a0281892c4cc47df836acdc86d2f536a

    • SHA1

      fda81e4b55658c5471f5734764f56742819ac706

    • SHA256

      5cd19808a91cbe40e89a2de9ff24d153b81d022179dbe4c3b23d0474ce3e8e96

    • SHA512

      9cb8d770b8a275be09bb9f9d0621142a0923eb6ec0101e44d50e25277a3ba3e6d9c3fa6efc83feb14f25b093fedc94fe7577152c86f812191c43df50d9ccf1cf

    Score
    3/10
    behavioral8

    • Target

      GANG-Nuker/utilities/Plugins/QR_Grabber.py

    • Size

      7KB

    • MD5

      8318cf91fadaed5b13703be18e432b99

    • SHA1

      2eeaf7763e8010056399f8591edebe0cf844c517

    • SHA256

      ed80578d80f6828f88badeb3c3b74720fd76233eb823b786f6cfe5ee308d62b3

    • SHA512

      ec39fc9b7bfffee14f6b53ad359bd392d201755047646ad55be44f0c29473525d20af53ae928f1977740b9a7b6d3b7abb5a2bd287a45af4d445291b012d01b09

    • SSDEEP

      192:lvtb3r8reFpWwg7UzyiDdMz8Gt/5x3uiLK:lVpjoUz11Gt/5xu

    Score
    3/10
    behavioral9

    • Target

      GANG-Nuker/utilities/Plugins/Server_Lookup.py

    • Size

      2KB

    • MD5

      5525d43dd9604f2001dd7e16fddec630

    • SHA1

      4f4cbcf679881d139f721f70f3bb1835ae53a9e7

    • SHA256

      a55a516416c59294be36cfae89ab848c7339db53c138416c9b1fe9b62d93815e

    • SHA512

      976d3cc527537b6f03503fd1d317779611b643324b72c2f5f739fd48ccdd692f8266a59d76481c72c7ab349bffcb3b59342f407d9d26c284575ecea7ab557e0c

    Score
    3/10
    behavioral10

    • Target

      GANG-Nuker/utilities/Plugins/Token_Info.py

    • Size

      6KB

    • MD5

      b4d77d60541fae8713c8e576533a7d17

    • SHA1

      b6f3c7141bdbbfa31fca5e02e06033962b5597a1

    • SHA256

      e5b89869e7d0873c8c34a5ffe8a78b5ca0414a8a3bfcb91e46cf8322b6a68231

    • SHA512

      69d8062cf0095561021a27dfadf1d231fd5a20e6dc25ba15244ab65e48b3493ec12f4be9f3f8ca526adcc1a7eda8656d8d65a34b14d04ab0df1be74af6a7320c

    • SSDEEP

      96:+GVyBwiJGx23wLJnBT2pTFDgQOjNOas6q8GZq8ctwGaW1sYIOfe:+GVHiQnJ52pNgQOgapCRGaWxNm

    Score
    3/10
    behavioral11

    • Target

      GANG-Nuker/utilities/Plugins/ignore/ignore.py

    • Size

      15B

    • MD5

      a6fdb61bf0958f708077a3dfe721ba7a

    • SHA1

      9cb4236f3be9069892093299cfb64118712e991c

    • SHA256

      9f2ebe4ee8506911c79d986221dde75966f3628e4cb0ab8bc7832b6a1e5cfaea

    • SHA512

      34a08158aa31918ba758de0d18d9f468f728495445243751573c47a87997fbcbfd86ffc0f27dfd68d6a922767b44b5132dddecf4550453469921a1d0b8a64121

    Score
    3/10
    behavioral12

    • Target

      GANG-Nuker/utilities/Settings/common.py

    • Size

      16KB

    • MD5

      f186cc9dc18205a284841cc4f2d9404b

    • SHA1

      23fae132129a9e4ac12d8a7d2dac5b11f19ac525

    • SHA256

      a44a1c3133a6dac1e882c2e4409d3d5d270b281e282b86d85f22a2138c8b1855

    • SHA512

      c20f402af617891da2f5eae126ba76cd3d488255f25a23cb3066190bb3d312a05375690383de2b8a4630c6aa8af1cbb82a4c48f08bcb392990e9c10ce8b98bc7

    • SSDEEP

      192:pF+ZPh7K+/e10aa70UEee10FVumZ/e00OhED16oDmBqTJ2Stm6MGXCjIIEqv1n:pF+VRW+EYBxLhED1NiB8J2omQCZn

    Score
    3/10
    behavioral13

    • Target

      GANG-Nuker/utilities/Settings/libarys.py

    • Size

      5KB

    • MD5

      696f535444e0cff335a95930ebf63d90

    • SHA1

      6ef10467e7a25b1a6f441d75d5584c569d1f7d36

    • SHA256

      df597e1bccf9909ead31a2c9b4c535021eb12b5f8a1a0c607a4630fd1e9c9aca

    • SHA512

      d3cf09f60c4ce63804b7f38c3687028c03885703db1b97a73d5ecd97d9ae89d24968c2ff9563ed2b944084e5e6ec70f1b13181d831a7f966d73936dde57c821a

    • SSDEEP

      96:OkHRqUXKp8MQFzmYxeRwj3RFTp7b2ETIp9tgPKcfEBWVPFcGIX++01QVEBW0w:OkP1RfbVTStY+WVP6tXAzW0w

    Score
    3/10
    behavioral14

    • Target

      GANG-Nuker/utilities/Settings/update.py

    • Size

      5KB

    • MD5

      4bf2fc54a6ae687c63d7fbe7af60c08e

    • SHA1

      25cd8319ded225a40b633156b70f0849ab44b43d

    • SHA256

      4272ea902df70571c3d862a50258604b65907fa68fed8b5b607b204763759774

    • SHA512

      23d188285954c5f222be7d850c3b9d86b8bf47848f3d89f79ef89ab33cafa739d6cf1d5156dbfb4a8a979c45425abc8a24dd5b1f91dc128b53fa164e64b97e18

    • SSDEEP

      48:gih832plNYwHFYhYAzX1Ra7VThRDkib1XKm+tiNr7Q+bn81+fPly:O32pDxHF+YGXjQV/+ohhy

    Score
    3/10
    behavioral15

    • Target

      GANG-Nuker/utilities/Settings/version

    • Size

      6B

    • MD5

      90d03bebeb88f1b007f47b68aaeb9893

    • SHA1

      9a1a4bc4ca9e44b3ccf4c764cb670aae41b078a0

    • SHA256

      99600f6a7bfe6c33ebd1a2518f44a861a67afc40c25da42bc622595716529584

    • SHA512

      f2dd4209f2ff2a09aaa63267411caaaf0434ba9e1df833add86dbb4b1c96397670e3173b22ecf087bf9fe8236a703e8fb080e14c12fed081c3710b57993b0925

    Score
    1/10
    behavioral16

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

13
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks