Overview

overview

10

Static

static

10

NucleusApp.zip

windows10-1703-x64

1

EasyHook.dll

windows10-1703-x64

1

EasyHook32.dll

windows10-1703-x64

3

EasyHook32Svc.exe

windows10-1703-x64

3

EasyHook64.dll

windows10-1703-x64

1

EasyHook64Svc.exe

windows10-1703-x64

1

EasyHookSvc.exe

windows10-1703-x64

3

Ionic.Zip.Reduced.dll

windows10-1703-x64

1

Jint.dll

windows10-1703-x64

1

NAudio.dll

windows10-1703-x64

1

Newtonsoft.Json.dll

windows10-1703-x64

1

Nucleus.Gaming.dll

windows10-1703-x64

1

Nucleus.Hook32.dll

windows10-1703-x64

3

Nucleus.Hook64.dll

windows10-1703-x64

1

Nucleus.IJx64.exe

windows10-1703-x64

1

Settings.ini

windows10-1703-x64

1

gui/icons/default.png

windows10-1703-x64

3

gui/icons/icons.ini

windows10-1703-x64

1

gui/theme/...rs.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

gui/theme/...al.png

windows10-1703-x64

3

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...ja.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...en.txt

windows10-1703-x64

1

utils/XInp...us.ini

windows10-1703-x64

1

utils/XInp...lt.ini

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/XInp...me.txt

windows10-1703-x64

1

utils/devr...er.ini

windows10-1703-x64

1

utils/x360...ce.ini

windows10-1703-x64

1

utils/x360..._3.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    75s
  • max time network
    83s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    31-07-2024 13:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    utils/XInputPlus/old/XInputPlus.ini

  • Size

    2KB

  • MD5

    f28e6b76af804b913cf84ad987b0500f

  • SHA1

    276ba83cb2589056877df854c26709e0db7d5f4a

  • SHA256

    eac466f09013091e32c103743d21b98fb11e07fdc24887eb892e2b92646ba679

  • SHA512

    ab61d71d81087e006a4d40496462eb623c7a63655658edac4ffbf5deb7a918b18c6836b7f35432b870d8fc0bd1ff03b90b00df3dc39098151805e4426ff8e6dd

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\utils\XInputPlus\old\XInputPlus.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads