Overview

overview

3

Static

static

3

NiXai-Al8s...2p.exe

windows7-x64

1

NiXai-Al8s...2p.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/06/2024, 23:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NiXai-Al8s1-l7fEK-25k2p.exe

  • Size

    969KB

  • MD5

    8c2893039a56aa4764978f1d0e4324aa

  • SHA1

    a83733c6becc06c5df45b1116ed26bf54a3bcc91

  • SHA256

    25d3944953923b4132653ab6207533d7cc7fc7ec20ee9a5c2a09855f77b017d0

  • SHA512

    6171dc2ae2a881ccc869e9f33e51f999d36fa7bbb1096e14015db0e819d03cba139c7689994b2e49515c0419c0498ca681583498820d9588819b36619cd43a9a

  • SSDEEP

    24576:AIsVjqGf5KXxKZWagSP+AMZF+O93l0fZm:h0OAmSmAk+O93+x

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NiXai-Al8s1-l7fEK-25k2p.exe
    "C:\Users\Admin\AppData\Local\Temp\NiXai-Al8s1-l7fEK-25k2p.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1228
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c certutil -hashfile "C:\Users\Admin\AppData\Local\Temp\NiXai-Al8s1-l7fEK-25k2p.exe" MD5 | find /i /v "md5" | find /i /v "certutil"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4856
      • C:\Windows\system32\certutil.exe
        certutil -hashfile "C:\Users\Admin\AppData\Local\Temp\NiXai-Al8s1-l7fEK-25k2p.exe" MD5
        3⤵
          PID:4588
        • C:\Windows\system32\find.exe
          find /i /v "md5"
          3⤵
            PID:3544
          • C:\Windows\system32\find.exe
            find /i /v "certutil"
            3⤵
              PID:2336
          • C:\Windows\system32\cmd.exe
            C:\Windows\system32\cmd.exe /c Color C
            2⤵
              PID:3356
            • C:\Windows\system32\cmd.exe
              C:\Windows\system32\cmd.exe /c cls
              2⤵
                PID:4708
              • C:\Windows\system32\cmd.exe
                C:\Windows\system32\cmd.exe /c cls
                2⤵
                  PID:2196
                • C:\Windows\system32\cmd.exe
                  C:\Windows\system32\cmd.exe /c cls
                  2⤵
                    PID:2580
                  • C:\Windows\system32\cmd.exe
                    C:\Windows\system32\cmd.exe /c cls
                    2⤵
                      PID:512
                    • C:\Windows\system32\cmd.exe
                      C:\Windows\system32\cmd.exe /c cls
                      2⤵
                        PID:2244
                      • C:\Windows\system32\cmd.exe
                        C:\Windows\system32\cmd.exe /c cls
                        2⤵
                          PID:1240
                        • C:\Windows\system32\cmd.exe
                          C:\Windows\system32\cmd.exe /c cls
                          2⤵
                            PID:2120

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads