2a5a392717e8095eb3b0a0d4e5df01648e94f23db3973f8d1dfa4dbbf77900f8 | Triage

Resubmissions

14/08/2024, 16:26

240814-txtf8awgkq 8

14/08/2024, 16:25

240814-txfkcs1gqa 6

Sharing

Copy URL Twitter E-mail

General

Target

Nyx.exe
Size

4.8MB
Sample

240814-txtf8awgkq
MD5

2160b2f130898499895e342e29434db2
SHA1

e7d5e6bb5362b1c9b7f341546c1b801c35ac1071
SHA256

2a5a392717e8095eb3b0a0d4e5df01648e94f23db3973f8d1dfa4dbbf77900f8
SHA512

769b9d01f0c6e04777d5c36ee14f94258b693a48e00208836fe8f491822d073653ebb73d61ffc35352a3ecb4d4c77ddac19e6448cd8b9ca23f38b08e4372c3fb
SSDEEP

98304:gCadw7umchnKvJ8tSjpNd5Y/fDVrGY39Mp6KokPe/Ms6ni80Y:gCa4chKhCSjTdWjVxuQ//6i8/

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  Nyx.exe
- Size
  
  4.8MB
- MD5
  
  2160b2f130898499895e342e29434db2
- SHA1
  
  e7d5e6bb5362b1c9b7f341546c1b801c35ac1071
- SHA256
  
  2a5a392717e8095eb3b0a0d4e5df01648e94f23db3973f8d1dfa4dbbf77900f8
- SHA512
  
  769b9d01f0c6e04777d5c36ee14f94258b693a48e00208836fe8f491822d073653ebb73d61ffc35352a3ecb4d4c77ddac19e6448cd8b9ca23f38b08e4372c3fb
- SSDEEP
  
  98304:gCadw7umchnKvJ8tSjpNd5Y/fDVrGY39Mp6KokPe/Ms6ni80Y:gCa4chKhCSjTdWjVxuQ//6i8/
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2