General

  • Target

    Nitro-gen.exe

  • Size

    17.8MB

  • Sample

    240708-3g5zravbrp

  • MD5

    fc7b9858b6743823efe28e848590a325

  • SHA1

    cc655820d7886356d92de7e07f655a24c1039e0e

  • SHA256

    e3d56b3a4103e8ec46f152b2c760f580551db16d88097b4d99ec337dbab3347a

  • SHA512

    4ab6a67b2671de344a37777f12036ebf62184928cb641f59f6d970e693b25499ed6301b84a1321c325fee9645bb0032b01781bf36d14f9dc896af6f3f99b2ef3

  • SSDEEP

    393216:oqPnLFXlrPmQ8DOETgsvfGugUUzyovEv7WQAK6slq:ZPLFXNOQhE9XUzyhyQAj

Malware Config

Targets

    • Target

      Nitro-gen.exe

    • Size

      17.8MB

    • MD5

      fc7b9858b6743823efe28e848590a325

    • SHA1

      cc655820d7886356d92de7e07f655a24c1039e0e

    • SHA256

      e3d56b3a4103e8ec46f152b2c760f580551db16d88097b4d99ec337dbab3347a

    • SHA512

      4ab6a67b2671de344a37777f12036ebf62184928cb641f59f6d970e693b25499ed6301b84a1321c325fee9645bb0032b01781bf36d14f9dc896af6f3f99b2ef3

    • SSDEEP

      393216:oqPnLFXlrPmQ8DOETgsvfGugUUzyovEv7WQAK6slq:ZPLFXNOQhE9XUzyhyQAj

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive profile information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      main.pyc

    • Size

      7KB

    • MD5

      6471ce1713ffa6c19049098a8ff7429a

    • SHA1

      7b4f253e90c0f20c5f8796175e2bc6a359cf538b

    • SHA256

      f82ce88619eaf14e27600a22ddda42326d4f898b5f2514c7612872f89c4b7a1c

    • SHA512

      8429b94cec8c221191251b5f12862347ef8731a60c488210921dfe05a4b802fef75be99f149cecbd3f5991ed5401febcfc91510e0f1056a8dd6c8ed329dcdc09

    • SSDEEP

      192:w01wD8Vp9WdXwrLSvAaJhw78bMdwMHcnw:rjWu6R278bP6cw

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks