General

  • Target

    nitro-gen.exe

  • Size

    7.0MB

  • Sample

    240603-h5kcqsha65

  • MD5

    cb98cfe2ee6d2605ac75c53b1f454919

  • SHA1

    ce3205b4ad3191bed67f6433ce2e4b892dd1e501

  • SHA256

    23c24bf5b1a5c5ae49d1e75e1a1c840a474c50ffd6d8a7f2c526c7450ef449c8

  • SHA512

    df4613d867f0a16be293e34fc1c4f4d00bb8dc3d4e2f6335c38f89937218577784fd8f2dca582e8f795ef1812afeec8f3cd737142936892e0ece2d7d89275f9b

  • SSDEEP

    98304:S4zHqdVfB2GyuT/9vUIdD9C+z3zO917vOTh+ezsNh75S2zh/hQqJvmJ1YPFlVtqu:SwQsGbT/9bvLz3S1bA32zOqMYPdZ

Malware Config

Targets

    • Target

      nitro-gen.exe

    • Size

      7.0MB

    • MD5

      cb98cfe2ee6d2605ac75c53b1f454919

    • SHA1

      ce3205b4ad3191bed67f6433ce2e4b892dd1e501

    • SHA256

      23c24bf5b1a5c5ae49d1e75e1a1c840a474c50ffd6d8a7f2c526c7450ef449c8

    • SHA512

      df4613d867f0a16be293e34fc1c4f4d00bb8dc3d4e2f6335c38f89937218577784fd8f2dca582e8f795ef1812afeec8f3cd737142936892e0ece2d7d89275f9b

    • SSDEEP

      98304:S4zHqdVfB2GyuT/9vUIdD9C+z3zO917vOTh+ezsNh75S2zh/hQqJvmJ1YPFlVtqu:SwQsGbT/9bvLz3S1bA32zOqMYPdZ

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks