Overview

overview

10

Static

static

10

NucleusApp.zip

windows10-1703-x64

1

EasyHook.dll

windows10-1703-x64

1

EasyHook32.dll

windows10-1703-x64

3

EasyHook32Svc.exe

windows10-1703-x64

3

EasyHook64.dll

windows10-1703-x64

1

EasyHook64Svc.exe

windows10-1703-x64

1

EasyHookSvc.exe

windows10-1703-x64

3

Ionic.Zip.Reduced.dll

windows10-1703-x64

1

Jint.dll

windows10-1703-x64

1

NAudio.dll

windows10-1703-x64

1

Newtonsoft.Json.dll

windows10-1703-x64

1

Nucleus.Gaming.dll

windows10-1703-x64

1

Nucleus.Hook32.dll

windows10-1703-x64

3

Nucleus.Hook64.dll

windows10-1703-x64

1

Nucleus.IJx64.exe

windows10-1703-x64

1

Settings.ini

windows10-1703-x64

1

gui/icons/default.png

windows10-1703-x64

3

gui/icons/icons.ini

windows10-1703-x64

1

gui/theme/...rs.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...ja.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...us.ini

windows10-1703-x64

1

utils/XInp...lt.ini

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/devr...er.ini

windows10-1703-x64

1

utils/x360...ce.ini

windows10-1703-x64

1

utils/x360..._3.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    57s
  • max time network
    76s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    31-07-2024 13:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    utils/XInputPlus/old/ReadMe_en.txt

  • Size

    7KB

  • MD5

    e1dc62bc3bde97981ed797b87df3d8f5

  • SHA1

    c20d6b5ee058257d814ec16d668c40201371a663

  • SHA256

    15427941bde626a7d9a53f1846b2a4040e707613c2219b59e2a72f784b3911f4

  • SHA512

    cd3c4809f8d49973c463d9af6ff4685697ea38018db1ac97521eb5505b8c61615642b514ee7c43a713e3c2de0f31da89ed9715f0dbdedaf1da51a97c753b0a3d

  • SSDEEP

    96:eScXC4wlqbCWkMRTpyoVa+PQpflljiVAiC9FW6GXtlIxOQrUOnMqmRHgQH7Y:eRpVlpXnyllji+pFW6GKiJaQH7Y

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\utils\XInputPlus\old\ReadMe_en.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads