183160e943a1e0b38a07dc0d6fd775a32180bdee16cc5b5df90330276e95bd44

Sharing

Copy URL

Twitter E-mail

General

Target

NYX.zip
Size

140.9MB
Sample

240911-rxt2mswdrh
MD5

d3496d01232b84a990127079813f7a0e
SHA1

6c5de1afdb7ba5a73315b2b09e59d0786d0ef44f
SHA256

183160e943a1e0b38a07dc0d6fd775a32180bdee16cc5b5df90330276e95bd44
SHA512

a72192fa74df1ab00b596d3cb458a38b911378275f00797a251756dbf4da619d4663e5a85e9f261881248a8c88ec2101845ff596d705b2398313a774383225aa
SSDEEP

3145728:q10da5d4vVH3qZ9Li+5L+m/YOcSZX2/hv8LKNwzKnm0YG+FfsR:q10AY9H89LpKm/jcSZXOV81zKmLTFfsR

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  CefSharp.Core.Runtime.dll
- Size
  
  1.3MB
- MD5
  
  41571881b1113b2813d80a8fd063fd18
- SHA1
  
  8e01d0f9daf636979b09cf3f3bf7235de1be3c81
- SHA256
  
  e3a9a58317217393ba110b1fd1a7f39c0fb819ce96d425e5d1220e200420938c
- SHA512
  
  b74c0f0cbe46e9902bd19041fb2f7ded7b1849c790837f29eab250392e612d1fc42767847cb39a2d94fcbf8d528e0ccf25a445d42b26379aaa8de823a1cd0b9b
- SSDEEP
  
  24576:m74xCV8e00l0NLz4Cm9naV9uhO5GZLOfMRh44OkSgqc4CQKZi5P9xh0gsWLgiHea:nCVXtZLOOh44OkSgqc4CQKZi5P9xh0gH
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Nyx.exe
- Size
  
  7.5MB
- MD5
  
  34e9e2070c4b959fd5cde9aff77cd68b
- SHA1
  
  6aba2fb635ca0d6444684f015c97d1b5bce5d957
- SHA256
  
  1fdca0ed906e4cd623eef962377f59bcdce2dde3233a0a1ca306d8b5a9e9268c
- SHA512
  
  e38558b1a23872efcef6d252918f12e1732cd4b151bbc4d51b8a56bb9934f63b3d4ac9838f8c28edfb1549a89f18b128be502dfed2a537a2d1bf2695fa1ceb70
- SSDEEP
  
  98304:J35dIISLSHkNnEXSzrfZM7WcciwU6nqnlve59oI+k6k5MukqjpMxNepV:J35uaCEYrBM7Wc4hnqlGX6k5FTMW
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral3 behavioral4
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.9MB
- MD5
  
  08ac37f455e0640c0250936090fe91b6
- SHA1
  
  7a91992d739448bc89e9f37a6b7efeb736efc43d
- SHA256
  
  2438b520ac961e38c5852779103734be373ee2b6d1e5a7a5d49248b52acc7c4d
- SHA512
  
  35a118f62b21160b0e7a92c7b9305da708c5cbd3491a724da330e3fc147dde2ca494387866c4e835f8e729b89ee0903fd1b479fcc75b9e516df8b86a2f1364c8
- SSDEEP
  
  49152:pS7/Q+besnXqRtHKzhwSsz6Ku1FVVOsLQuouM0MeAD36FqxLfeIgSNwLTzHiU2Ij:p4/hqqFVUsLQl6FqVCLTzHxJI9k
Score

3^/10

discovery
behavioral5
- Target
  
  lib/ace/ace.html
- Size
  
  3KB
- MD5
  
  79d5cf1e15800d488db989da5b87fdcf
- SHA1
  
  ad8d17c3e438a669ec5c5a0c147bf6437fd35051
- SHA256
  
  a99c139fe372b396174d194e0f3577ee339f86954ae7416fa010b2a62787cb3a
- SHA512
  
  421f7a5519ba5e03aad5458f6773a38c8ccdd7c9be010fd1e5e80e7d76dc0a72299aefd958f55136debfb5d5786d7f3a68e019ec95cc8729f313e7ee78684685
Score

3^/10

discovery
behavioral6 behavioral7
- Target
  
  lib/ace/ace/ace.js
- Size
  
  701KB
- MD5
  
  a6686a7c46bbfc45d4f3cc5a9bafebc5
- SHA1
  
  4e8fa74de2025edd550fcc4b4d869f385d1b73c7
- SHA256
  
  208c0601362fcccf0df59329fca92eb03d914d11978f115005e280cb22f569e2
- SHA512
  
  13c807ce60c33a6ffe7531b8984d7a3e2e0144a9dec2d3620136da799d45e80f65eb22b58103aff071cc0c64716c667c624af9446662253914cd418f0c7e02a6
- SSDEEP
  
  6144:oq4Z4StNfGDghjQYOIsb9U9lJiujPxBrLeq/SqJbXbZV8dxcQgnmpqptB9z/n68H:ojBtNfGkf/jxBv7oeR9zWk1nyP0XRx
Score

3^/10

execution
behavioral8 behavioral9
- Target
  
  lib/ace/ace/ext-beautify.js
- Size
  
  11KB
- MD5
  
  e25a9f1eefb91ff068f8f2a3d021098e
- SHA1
  
  72ab67d8e39cb4f61d384cf5666085d7e627d3f4
- SHA256
  
  c8c01930591173ebe64a1d6b9280f36398c83c5ffc148b04f73fa94b4ef36191
- SHA512
  
  fd8412a50b74c72fbd6180bb8031a8ff81b7ccb691ae07ce251587fa65e230810d18a0d9c0387cb7bc6921a062766c7ca0e7b2e90a4cd19af2db1462359eb675
- SSDEEP
  
  192:925ATmDTIxw+gO1WSS7PXOig6iGKiPiZ74NmZbhBoiMS+k28iSqQqHAFvSYJppWT:UATmDogOcKZbKL0y7
Score

3^/10

execution
behavioral10 behavioral11
- Target
  
  lib/ace/ace/ext-code_lens.js
- Size
  
  7KB
- MD5
  
  12022137d3802cf3a9269e2e52289425
- SHA1
  
  bd8dbf3bb4a3d5eec3a63564a30b4c8cf09472db
- SHA256
  
  2a6770ea9f8f0179f71d66d47f65bcfa28f918fede686422e54e0edcb9f19fcf
- SHA512
  
  0f0095034720f8e6b07d9189d3a9b39da71889d5808f0fdb7f8cda99463fd693467c94032a6dec32951535f5f6c1bf25e51e25cf6c39d160c10b03e1f15d1550
- SSDEEP
  
  192:zACH9KCH9TAH2K/CKCHKH4H5iwt0741tHJHyR8Hdj6oXeWgcV1dyKHPur9yxCCH1:cCH9lHBAH2GClHKH4Hg743HJHbj6yeWL
Score

3^/10

execution
behavioral12 behavioral13
- Target
  
  lib/ace/ace/ext-elastic_tabstops_lite.js
- Size
  
  8KB
- MD5
  
  4a5c939da4f22719815b2a85b11d29b6
- SHA1
  
  493a37c00678d36d34f860056c936d3c6083c79b
- SHA256
  
  03ee8372a6429a8c56e8af02696e66bf42459db32a196f17f8d2c672caa2ed04
- SHA512
  
  a51aa6d3e50fab0a82333b3f09030006676d1aa3334b88b6155dbeab67dc0241b8d3f1f91a626cf7f75c659f77c1d8937532b320fb87690ceca24b9b973bd5ec
- SSDEEP
  
  192:glgCuuLpykQ8yuhtLMa07bsSslMosy9gyQoFx/UUhpUSbax3r+/Sy1TCa:agC/rQuMLsnlMojx/UUhpUSbax3r+/p7
Score

3^/10

execution
behavioral14 behavioral15
- Target
  
  lib/ace/ace/ext-emmet.js
- Size
  
  47KB
- MD5
  
  3c3303c8a63e5ae66f982350ec857e87
- SHA1
  
  f74e7a21ed7ad26662e02f94abe34aacf6882785
- SHA256
  
  23331809f93f30031c0df2673450c6d67fa13bf3211dd7094d1d6fa9b99e9c18
- SHA512
  
  a8cff4d37337535a9886e5d24143de9d507f61a0306dabb7ff3d4b9186f51d52c205153c3dc6b0d587089f724ba3e2a83e7f9af2c7b26f15fa820898f48321a4
- SSDEEP
  
  768:7z5x5p5gfW3oq1D183CPjvHUCJyYZBkn7yOTbGK1JLP3KWa7kg/IqzCDrpNyBhB+:7z5x5p5gfW3oq1D183CPjvpJyYKpZ7Ck
Score

3^/10

execution
behavioral16 behavioral17
- Target
  
  lib/ace/ace/ext-error_marker.js
- Size
  
  336B
- MD5
  
  b40f7996c4bf9099abb5f8b3b0f0be7e
- SHA1
  
  f408918b226931d0090064f6b2ad3922890152d9
- SHA256
  
  d549c299502c356538f2444d4ebba5f251d9cfd7fe137c35a9dd64aa0d5650a6
- SHA512
  
  779e2946d01663fc4b5b7e4f6f35621964238f6b4c9eaeafaab85622ca7b62c338afe11476648b0d642b27d35197501f928eaf8229f9001c0ae5652f04197a65
Score

3^/10

execution
behavioral18 behavioral19
- Target
  
  lib/ace/ace/ext-keybinding_menu.js
- Size
  
  6KB
- MD5
  
  e9e7aa9d8b73e9420058416a2e425749
- SHA1
  
  72779ad95194a6b7be98f0ac45b7057e5c1088af
- SHA256
  
  d58055479c707296cb0b129eddf5d3684d1b37caa48bda3ccecb37f1ec3612f8
- SHA512
  
  7a72a8ab9a893dc335281376b9f7b9a58283f4930676e0f5b8c6bbb62c6d50e94e3a12c7965d93018e61d7dd5f755397851c6f2a51af50ee58732f9723c4843a
- SSDEEP
  
  192:2zQgi+w/VwzeFZmZucbzcBUeQ9PI08ob5JIJzp/xtSgX2s2h23mjiDya+mTCa:qzeKcUnx8aIJft8AyaD7
Score

3^/10

execution
behavioral20 behavioral21
- Target
  
  lib/ace/ace/ext-language_tools.js
- Size
  
  75KB
- MD5
  
  56e84b42d4d10cf8b86d9462c517ac78
- SHA1
  
  32ea9cb3663bb281beb3d00a66520460e6b4698c
- SHA256
  
  20042860c5d8776ab14925360d1b14a378dedb1cdb62f1bd2689aa4f5e1cc750
- SHA512
  
  a02f1836ae46a66ebc7553be11cf9b357013f7a90bf8dc20d999f97ec44ba03dc1f2136799131c9b7c41d9454c73362d314195a5c42dd88014cf68fe3a02bb38
- SSDEEP
  
  1536:7z5x5p5gfW3oq1D183CPjvpJyYKpZ7CWa7kg/ImCDrpN8msdFKVYYf8cLNt5AqeZ:7z5x5p5gfW3oq1D183CPjvpsYKpZ7CWC
Score

3^/10

execution
behavioral22 behavioral23
- Target
  
  lib/ace/ace/ext-linking.js
- Size
  
  1KB
- MD5
  
  932265422f7925d95cbe5aebe3a12f2d
- SHA1
  
  a841875e361e6d6406d8c359568e69785d8b76a9
- SHA256
  
  06f733685f2bfae0453f2429772718ca49bd82d8fa748360f8b5f69e0b9ea612
- SHA512
  
  730bbfb647b18b4339eb14d200a46617cef4e68354f24092bbf82a33edf2a8fe1f4dd988a9ae691ded3f34e79c626f8068b4357b7dd39d7f9bcca448c1ba5a7e
Score

3^/10

execution
behavioral24 behavioral25
- Target
  
  lib/ace/ace/ext-modelist.js
- Size
  
  7KB
- MD5
  
  6bae0154b4d0810eb877c9be3ce75e60
- SHA1
  
  6385ca597d6c7b1f96ffcc58ce1ca805471817d9
- SHA256
  
  2320ea3d88be7be9ab5c6fbe6ed170dd93e160547574ce6df0d137aa27d2f9f5
- SHA512
  
  bf15b43032ce2f39b28db369e3dcadabebf523caf89aaaed9a528f0564528ea660f70cffeb6927cfdfe0710341214c3224b6df7b43258bbf1df20920131f1179
- SSDEEP
  
  192:viIuiQvnTIoVcsruDi5z0O4D2OKkbeJO9kdfFUrsjs/VDfWQofXFe5LsTCa:mT9VcsrkiR0O42gk3UruOVD4FgLs7
Score

3^/10

execution
behavioral26 behavioral27
- Target
  
  lib/ace/ace/ext-options.js
- Size
  
  24KB
- MD5
  
  9882e6da6a5c907d47b2b75a5ee73a02
- SHA1
  
  3593a7a74558afff56634d4e7bf3309db2c91afa
- SHA256
  
  7fcad03423ab7c07f7fa30cb4e141ec0da0595e1aef08b81a4b89c8c3b91aa53
- SHA512
  
  6d18c569d754fd7852755a249a5d951b4cb52540cbd214ec19c0ce55710cb0966aa177bf91aad65e7b2a43a08811b27324bde7f709aa088f5698d7a4551e7b1a
- SSDEEP
  
  384:qzeKcUnzT9VcsrkiR0O42gk3UruOVD4FgLvg39wTN7ZrosesnRRDlZTQnjuO7:q6KxnSkGg3mJ5nZTQaQ
Score

3^/10

execution
behavioral28 behavioral29
- Target
  
  lib/ace/ace/ext-prompt.js
- Size
  
  95KB
- MD5
  
  2a2b94eb2ee36301b19dca07d74cdf0d
- SHA1
  
  f1586022f5c13e3d2475e1c665ae9c74ac4e9ace
- SHA256
  
  8a71ef4c6add557fe17cd16e56f97533bcd6a335149b6f1bd85c45c78aa71550
- SHA512
  
  f785b403bc36120619852d80d2422da08baf1328f5e4dbd3148dafe9f1bc299cb91e8d0a65370d8ad4ab9fedb67b83208fd75fa926d22e771f95901d95da7ab1
- SSDEEP
  
  1536:P2cLNt5Aqeg9tz5x5p5gfW3oq1D183CPjvpJyYKpZ7CWa7kg/ImCDrpN8msdFKVP:P2cht5AqRHz5x5p5gfW3oq1D183CPjvy
Score

3^/10

execution
behavioral30 behavioral31
- Target
  
  lib/ace/ace/ext-rtl.js
- Size
  
  4KB
- MD5
  
  c3cc7439adca6e58aa20abc93d24e712
- SHA1
  
  5b6ac06447d558f140ec544a4841836c22d4c78e
- SHA256
  
  a5c0ccb71781f451ce0d8bb36bcf654d01742c258243d84a6de39d4836df228c
- SHA512
  
  2da99842e6b31d80b25a02c2e97025281e5e92d4ba60f07ca887f9e486e17e1299d61b2dd31de1cc2b715447c9c9359b1bd6e6c36767828966b1b137ff3576d0
- SSDEEP
  
  96:fjMAmLqAJEv+ZPTo/mZPTBkt4xryhk1lO+ybLLvaATCa:fjMAmLqAJEv+ZPTo/mZPTBkt4xry+1A/
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Network Service Discovery

T1046

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Checks computer location settings

Loads dropped DLL

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Network Service Discovery

Checks system information in the registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32