General

  • Target: App6.exe
  • Size: 20.9MB
  • Sample: 240618-xdvrqaydkm
  • MD5: 4d8c25236bbf32d9470f3ab7316e1652
  • SHA1: 0662ccfb31aa070718a84ab0e591851c72ec1c27
  • SHA256: be4b7ce185c2ae9640894b97e30b3faa9d99794560638fcbd04935b5f74d6e4d
  • SHA512: 9174858839fbde8788d5423097c0147e469e107cb96ebbc22033e2a753e3b9b6c8ad3fda9512a4f8157025b1702e486cdf0c67d70bc974543b9aae6ef561e823
  • SSDEEP: 393216:CEkZQtss27DNL01+l+uq+VvbW+eGQRg93iObIhRS/PcLzrq+6oAd8XTN:ChQtsBB01+l+uqgvbW+e5R49MhR+c/em

Malware Config

Targets

    • Target: App6.exe
    • Size: 20.9MB

    Score: 7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target: NiceRAT.pyc
    • Size: 74KB
    • MD5: 05f2838338b63bf11a142848acb66731
    • SHA1: 5a938ffcef3b3b4abc79c25a4ec59d197e8bf4a7
    • SHA256: 4bd9a94d4fb9d0f880b0f74fa0bb376b696d6283e174776346d3a7d5c2f58bd1
    • SHA512: 7660d0d9d4248c29c3c1c7b353986dfb7e8194507b10904436cf9adab5109a0ae07ba5721d43c3c3775d633f08eff8013cdd3ee6f4346279bfba65e51545b45e
    • SSDEEP: 1536:Jkx+peIUJlJ/x2IsVCR28r78sgo6wtkzrTSR/em:JkiW2IsVP8ssgonkzrTSRd

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks