Resubmissions

21-06-2024 00:19

240621-amncnsxeqr 7

General

  • Target

    Nighty.exe

  • Size

    13.2MB

  • Sample

    240621-amncnsxeqr

  • MD5

    35f1aca96e14cb7fd56a1e57640d46ac

  • SHA1

    d3fb3965b158476c34ba679a53615f3023b77c6a

  • SHA256

    45faff7fd4f53f30627551d977d3d96748905e0e7b5649b9c78a667564cfe02a

  • SHA512

    d300ef24122286697ee51fc289a3266eabaff6bfa493c0c822d78268161f369ce1ac7e7b6b8cca52e29071f3156d00e3b8ccf262959834fd2400933e8c2ed47e

  • SSDEEP

    393216:vjxjOv9c5hlERL5RFJzFcguYtN3ZW7p4XZ92bAJ:vdjO1EhkLhZtN3+p4pU

Score
7/10

Targets

    • Target

      Nighty.exe

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      Nighty.pyc

    • Size

      101KB

    • MD5

      4c0695ca113e95d3f1cf438fdcf9d98f

    • SHA1

      e470bb79fe886a7d1ab1e5b7cb96ce77ffe260b3

    • SHA256

      01f465c0a5769c53cae25d66a1d8be386375786d44c600d7a7ae24cf8afc209f

    • SHA512

      836d95fa45780168203cb457c0609a40e68f5872f17ded74b05d6188ca4b57605298353f914d5eab675cc4ab5b7bf9146ddb1528e2620c18d64f53da59172a74

    • SSDEEP

      3072:UIgNfNrAfIxtCQBkm5GBJBxxjOKB6OYL0SXlw:hGFA4kQOZjjfBKL0g6

    Score
    3/10
