General

  • Target

    Nitro.rar

  • Size

    40.2MB

  • Sample

    240619-rb6tba1gpe

  • MD5

    a4de5d955af8f2741a7e2d8868814312

  • SHA1

    8e4b3bc11bedfcef7e90976f1689149b2fe5c47c

  • SHA256

    55a9731315dd5191dc6eab4ceef4be4a6c71a527c8b4205a41a1879283a7b3e1

  • SHA512

    949cfd1481a281532cf27645d3b3b52d06b1e4cfd5ec8eebe8d51afebb1f09ff2e8b6018ff22b7dd8136bd3933e050e0384204582b1d111bc89ce9f8e1e1efae

  • SSDEEP

    786432:HRAXpj+vh3S5fAxznW8t5U75PXn04LSlefAq71P+QY2/Qcdi+:HRMpjmNGfAhxU7l0CSl071PpY2/QUB

Score
7/10

Targets

    • Target

      Nitro.rar

    Score
    3/10

    • Target

      Nitro/Nitro Gen.exe

    • Size

      40.7MB

    • MD5

      e81f9b78450e7344808c76bf3a41dd4a

    • SHA1

      b05356ea5a7cc411a9a08335c683249fa4ee2fe2

    • SHA256

      fcdff10212a689286d474dd196b79e3e1753f29ba66b076477e5324238e00bd8

    • SHA512

      27fd2d287e34ab96270b27a8d0d348e4bebf317bb8fdad0e108edd61ed0de298d49b7b66944902729316bef7fd8aad1e5f4af6931c3b32737ee0949b97399e3e

    • SSDEEP

      786432:o9aVQtsR2XZW+e5Rm2j6+s7LWB75zuXVgfqPk7i9cLEUvqwZ3IhRZ/j6P:kYQt82XZW+eHm2qHWB75ilomfXUihnZI

    Score
    7/10

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      63KB

    • MD5

      665970d2a9dd9646b6708c4557a250d8

    • SHA1

      639d6c945d962f3bf20314c9d3aad68a317d0075

    • SHA256

      a6cf7bcee5c167df01c4c82135d64c28aa94abfbd78632640b737fdb312699df

    • SHA512

      e838684ff50f801a3117096b708d71c85ffd2832e13a83a6f267d97aabf13ba649b13b490f9d390e6936f1ff31053a64d37a0e0fb21128f67c50591e89ed1108

    • SSDEEP

      768:qPI+YVnrzeICyMv8PNwBodgllYxfTvuuGGrp25Yg/DtnNN2sC0zgKVhpmLf:q2rzejmNXGllOfTGuo5Yg/DF2l0b0z

    Score
    3/10

    • Target

      Nitro/config/config.json

    • Size

      207B

    • MD5

      68076589d7fc83da783fe30d32988b17

    • SHA1

      05690d763e860b18d841ef0ed610893daff269af

    • SHA256

      3982ef33ed8e7edfe2a71550a4fff5f0c511a49201d7bb385093c5e5abac8072

    • SHA512

      7a7c0424a5cabfdbce63cde7cade4b26e8bb45a3142bdb2944f4779ea3753b121a563277359c8934045552c70ec53f931042182f4b5bace468b42b37d1e18a01

    Score
    3/10

    • Target

      Nitro/config/proxies.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    3/10

    • Target

      Nitro/results/hit.txt

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    Score
    3/10
