Resubmissions
21-06-2024 00:19
240621-amncnsxeqr 7
General
Target
Nighty.exe
Size
13.2MB
Sample
240621-amncnsxeqr
MD5
35f1aca96e14cb7fd56a1e57640d46ac
SHA1
d3fb3965b158476c34ba679a53615f3023b77c6a
SHA256
45faff7fd4f53f30627551d977d3d96748905e0e7b5649b9c78a667564cfe02a
SHA512
d300ef24122286697ee51fc289a3266eabaff6bfa493c0c822d78268161f369ce1ac7e7b6b8cca52e29071f3156d00e3b8ccf262959834fd2400933e8c2ed47e
SSDEEP
393216:vjxjOv9c5hlERL5RFJzFcguYtN3ZW7p4XZ92bAJ:vdjO1EhkLhZtN3+p4pU
Behavioral task
behavioral1
Sample
Nighty.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Nighty.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
Nighty.pyc
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
Nighty.pyc
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
Nighty.exe
Score 7/10
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Target
Nighty.pyc
Size
101KB
MD5
4c0695ca113e95d3f1cf438fdcf9d98f
SHA1
e470bb79fe886a7d1ab1e5b7cb96ce77ffe260b3
SHA256
01f465c0a5769c53cae25d66a1d8be386375786d44c600d7a7ae24cf8afc209f
SHA512
836d95fa45780168203cb457c0609a40e68f5872f17ded74b05d6188ca4b57605298353f914d5eab675cc4ab5b7bf9146ddb1528e2620c18d64f53da59172a74
SSDEEP
3072:UIgNfNrAfIxtCQBkm5GBJBxxjOKB6OYL0SXlw:hGFA4kQOZjjfBKL0g6
Score 3/10