Analysis

  • max time kernel
    31s
  • max time network
    34s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240802-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    13/09/2024, 16:24

General

  • Target

    Nuker/run.bat

  • Size

    27B

  • MD5

    1684940ae7b515635d2f7a31d73867c9

  • SHA1

    41ca7001668a3a33fb9e7653a54358c6dcdebd06

  • SHA256

    bbdeb3d4adc5adf64ff86e81c0ec482c8b3fc0743c00bd1525d2bbdecc48bbeb

  • SHA512

    e699b3b53ee4180c4523d59cba5a185776e46b0aaa84c0eac38d522e03bf2c4bd5877527057569f1c4775f083746d785ccc939616a6ea1ba2560127b759c516f

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Nuker\run.bat"
    • Suspicious use of WriteProcessMemory
    PID:3104
    • C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
      python main.py
        PID:3884

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt

      Filesize

      487B

      MD5

      a3a4c38e2466686238a02e98e4f96736

      SHA1

      060f9975e8c90cf544e433c9358a4fb5e2541d87

      SHA256

      f6da342a22f2b9ce72717bf423f5c72dce3e42c849237235c87479c99262a77d

      SHA512

      62d3a47262f9d3738764dcf4f10b578434b5175db5f4f25676a9363feb31d9b4f1451c300454a7cb2b1f6eaf309a9233fd0de00af94bf20123811471baed0d2d