Overview

overview

10

Static

static

10

NucleusApp.zip

windows10-1703-x64

1

EasyHook.dll

windows10-1703-x64

1

EasyHook32.dll

windows10-1703-x64

3

EasyHook32Svc.exe

windows10-1703-x64

3

EasyHook64.dll

windows10-1703-x64

1

EasyHook64Svc.exe

windows10-1703-x64

1

EasyHookSvc.exe

windows10-1703-x64

3

Ionic.Zip.Reduced.dll

windows10-1703-x64

1

Jint.dll

windows10-1703-x64

1

NAudio.dll

windows10-1703-x64

1

Newtonsoft.Json.dll

windows10-1703-x64

1

Nucleus.Gaming.dll

windows10-1703-x64

1

Nucleus.Hook32.dll

windows10-1703-x64

3

Nucleus.Hook64.dll

windows10-1703-x64

1

Nucleus.IJx64.exe

windows10-1703-x64

1

Settings.ini

windows10-1703-x64

1

gui/icons/default.png

windows10-1703-x64

3

gui/icons/icons.ini

windows10-1703-x64

1

gui/theme/...rs.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...ja.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...us.ini

windows10-1703-x64

1

utils/XInp...lt.ini

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/devr...er.ini

windows10-1703-x64

1

utils/x360...ce.ini

windows10-1703-x64

1

utils/x360..._3.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    75s
  • max time network
    84s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    31-07-2024 13:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    utils/XInputPlus/Loader/ReadMe_en.txt

  • Size

    427B

  • MD5

    95b10e24a898351805ecb781bf4cbd88

  • SHA1

    616db4c5fec7f29c89b9b969379128379d6c4935

  • SHA256

    603736b22b209c3faa38d8f88d9613d0febb00df25cb2931aafc527766ad7f07

  • SHA512

    2c51db288313d7528d2d003c8623aa22889cb88a12612234dcaab79469391a85716584968af5a237f709b6180299aca0a8c59b4d2cd6c4561160fd9fd41ec462

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\utils\XInputPlus\Loader\ReadMe_en.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads