Nyx[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Nyx.exe
Size

712KB
MD5

bb1313aacee59bda777dd3b34bc38ecf
SHA1

b2a5c20759b1739dba23e32a1d783d0105d30e4a
SHA256

8c1e16b60b6556a69a9c8a86f10c9466714bf8126a38b26160a057b3bd7e2abe
SHA512

fbc7d8f672ce0c79f9e3121ee8450318b3032dab9bdfe98e53fe3b409d236c22bf3f62101645f754545d2a1a3da22599c2cd29b54f246dbe0acd50712820a315
SSDEEP

12288:OE6TMTlk1nRC4MEE8hGIQSvtMYIfAPD7VqlrjZtpO9G5qDc/:cWlenJGIQSFbIWD7Vqlrjnd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Nyx.exe

Files

Nyx.exe
.exe windows:4 windows x64 arch:x64

Password: sigma

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wt<
Size: - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.a4y
Size: 709KB - Virtual size: 709KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ