Overview
overview
10Static
static
10NucleusApp.zip
windows10-1703-x64
1EasyHook.dll
windows10-1703-x64
1EasyHook32.dll
windows10-1703-x64
3EasyHook32Svc.exe
windows10-1703-x64
3EasyHook64.dll
windows10-1703-x64
1EasyHook64Svc.exe
windows10-1703-x64
1EasyHookSvc.exe
windows10-1703-x64
3Ionic.Zip.Reduced.dll
windows10-1703-x64
1Jint.dll
windows10-1703-x64
1NAudio.dll
windows10-1703-x64
1Newtonsoft.Json.dll
windows10-1703-x64
1Nucleus.Gaming.dll
windows10-1703-x64
1Nucleus.Hook32.dll
windows10-1703-x64
3Nucleus.Hook64.dll
windows10-1703-x64
1Nucleus.IJx64.exe
windows10-1703-x64
1Settings.ini
windows10-1703-x64
1gui/icons/default.png
windows10-1703-x64
3gui/icons/icons.ini
windows10-1703-x64
1gui/theme/...rs.png
windows10-1703-x64
3gui/theme/...al.png
windows10-1703-x64
3gui/theme/...al.png
windows10-1703-x64
3utils/XInp...en.txt
windows10-1703-x64
1utils/XInp...ja.txt
windows10-1703-x64
1utils/XInp...en.txt
windows10-1703-x64
1utils/XInp...en.txt
windows10-1703-x64
1utils/XInp...us.ini
windows10-1703-x64
1utils/XInp...lt.ini
windows10-1703-x64
1utils/XInp...me.txt
windows10-1703-x64
1utils/XInp...me.txt
windows10-1703-x64
1utils/devr...er.ini
windows10-1703-x64
1utils/x360...ce.ini
windows10-1703-x64
1utils/x360..._3.dll
windows10-1703-x64
3Analysis
-
max time kernel
12s -
max time network
17s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
31-07-2024 13:28
Behavioral task
behavioral1
Sample
NucleusApp.zip
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral2
Sample
EasyHook.dll
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral3
Sample
EasyHook32.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral4
Sample
EasyHook32Svc.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral5
Sample
EasyHook64.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral6
Sample
EasyHook64Svc.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral7
Sample
EasyHookSvc.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral8
Sample
Ionic.Zip.Reduced.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral9
Sample
Jint.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral10
Sample
NAudio.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral11
Sample
Newtonsoft.Json.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral12
Sample
Nucleus.Gaming.dll
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral13
Sample
Nucleus.Hook32.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral14
Sample
Nucleus.Hook64.dll
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral15
Sample
Nucleus.IJx64.exe
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral16
Sample
Settings.ini
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral17
Sample
gui/icons/default.png
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral18
Sample
gui/icons/icons.ini
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral19
Sample
gui/theme/classic/16players.png
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral20
Sample
gui/theme/classic/2horizontal.png
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral21
Sample
gui/theme/classic/2vertical.png
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral22
Sample
utils/XInputPlus/Loader/ReadMe_en.txt
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral23
Sample
utils/XInputPlus/Loader/ReadMe_ja.txt
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral24
Sample
utils/XInputPlus/ReadMe_en.txt
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral25
Sample
utils/XInputPlus/old/ReadMe_en.txt
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral26
Sample
utils/XInputPlus/old/XInputPlus.ini
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral27
Sample
utils/XInputPlus/old/XInputPlus_Default.ini
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral28
Sample
utils/XInputPlus/old/winmm/Readme.txt
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral29
Sample
utils/XInputPlus/winmm/Readme.txt
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral30
Sample
utils/devreorder/devreorder.ini
Resource
win10-20240611-en
windows10-1703-x64
Behavioral task
behavioral31
Sample
utils/x360ce/x360ce.ini
Resource
win10-20240404-en
windows10-1703-x64
Behavioral task
behavioral32
Sample
utils/x360ce/xinput1_3.dll
Resource
win10-20240611-en
windows10-1703-x64
General
-
Target
utils/x360ce/x360ce.ini
-
Size
4KB
-
MD5
21336a6c30bf8fcee6b16bf37337e8ea
-
SHA1
0dc97749b74599bab0917eb868e082177a8241bb
-
SHA256
d06182d765d556df5780ad25369998d0e53dfac6b34024107d55713d07287389
-
SHA512
81f20e86fd73af613c48872c3013d8adb1b9121b741cd5ec7c8e268f0174eae6e7fb7e461b67728c6e5c72fa58b746cc51933a28ea84a7aaf60ca565fe196a10
-
SSDEEP
48:r3UJBFOhzqXJdVdrWFrKW/8lF2llQh+AT/nv0pgM81W1yti0kNZg5jGNhZeXpYmX:rQDOruRlFIlnAbMn81WP60MLc56
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 4772 NOTEPAD.EXE