cbd9226c470efd29143f357e9ee0f6b2d20456041a0b4cb74912ccce9e37f97d | Triage

Sharing

General

Target

Nezur.zip
Size

392KB
Sample

240908-cl65ha1eqc
MD5

ca0ddcfdc2ff6c02bffa74bbb9035f50
SHA1

7d46d8f616c3dbd0ddc531323269d65786810892
SHA256

cbd9226c470efd29143f357e9ee0f6b2d20456041a0b4cb74912ccce9e37f97d
SHA512

d007d15c014483fdd7e6b84c1a62f81304dfa8eab5e27083db2e7c1f2bc419d61dccc59647488d5bc167b15d8763ed1979e5593ed43fb39f05b3d25486ca6c67
SSDEEP

12288:PRy+MS8wrxn0PkdYxrhTaPrvyWnWCPrjJZA:PR9Tf+PuY5crvyWPA

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Launcher.bat
- Size
  
  1KB
- MD5
  
  0ce155488691610ac271da90164c0f60
- SHA1
  
  2ddfde69c775f684b668d083a96e04e38c2713e5
- SHA256
  
  cf31e682396556b5cfc16e660417b9c52da38e543229ccd0430c59c6a6227b79
- SHA512
  
  bff899afb3fd1f1c0a31d90cce72426b50fc13d9ef327b5a9cb9e4a46cf0a9495aa17077976c9f7a5663845c3fc42240552c8e7f5cd9d5c05d468673fa3b9d98
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2