Analysis
-
max time kernel
1561s -
max time network
1562s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06-09-2024 15:16
General
-
Target
Smartypants Nitro Generator.exe
-
Size
39.1MB
-
MD5
b9f745b1526b29439fdd38ce6b2bc742
-
SHA1
bc4d96ab019f20b1f27f9c42b28335881b12667b
-
SHA256
662aa5533d68b67b9c4a3df2ede43fc3248689364ad91bb7375a6aad469537ac
-
SHA512
59ecbbc8dd57e0967d23dca59a224a114f9e2774b25b8334123434e5244828b2e24372f18c2274693c2005ef0b07b77b3893492409e41884290b89dbf7574ea8
-
SSDEEP
786432:drUx++qTptDALygrfynGsEweceyuTZ3gPEFOuvR1q+6fCvp6LM5F8/TYS+pdGDg2:FHADfst7CyuZ3fr6fCvrDgTzs8
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Smartypants Nitro Generator.exe"C:\Users\Admin\AppData\Local\Temp\Smartypants Nitro Generator.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\onefile_2380_133701093775836000\Stub.exe"C:\Users\Admin\AppData\Local\Temp\Smartypants Nitro Generator.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.5MB
MD55a5dd7cad8028097842b0afef45bfbcf
SHA1e247a2e460687c607253949c52ae2801ff35dc4a
SHA256a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce
SHA512e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858