General
-
Target
Noxic.zip
-
Size
95.0MB
-
Sample
241108-3kqz1asdmb
-
MD5
a6d5a104727e3b65c3aae2115792fb8e
-
SHA1
7d58c158153ab4177d0fa15f99b19913ea93b5c6
-
SHA256
ed08d239c46a922bb22cc1c27fdbf6699819e48d911766ec37b31b0423a52f71
-
SHA512
0bc57085409013bcf4dc1b6198f6ff6c1b879c3767ceafb3e64cba1ed795754c128ac716c4f8dc29c1902c4cf47fef56c7c39229567f0a1bafd5f2a932de675c
-
SSDEEP
1572864:mLLDdCexR9W9phLIllrymFpvXIw0RPcIwuVsPUZ6OuPpKPXl6KDNSFOAKblpLP98:8DdCQHWHhLSrdIw0R0v2sPUbY41ZEFB1
Static task
static1
Behavioral task
behavioral1
Sample
Noxic.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Noxic.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Noxic.exe
-
Size
97.1MB
-
MD5
3a74f44c697eab7f7d4be6f8f45f2fa3
-
SHA1
9911e33b3db1ffe049f56ee1d5af12c189a02c3a
-
SHA256
d317c6c038ca4e934f981c1c37d3d47b891249b10c7ce3e24d6ad3306a9a36dc
-
SHA512
1e047418c6249363674612892389919971e722e8ac5c29bf365c4d41404aba9c2dbf9c76bb7c486da95f09883550d7d7fa24e631a9c91a9d02752e2133fb708a
-
SSDEEP
3145728:Ch2VRVK8iQnLWFQM3K7f7+O5cjdsJIHxabE1:Ch2vVBf6R3Wf7+6ikS3
Score
8/10
-
Downloads MZ/PE file
-
A potential corporate email address has been identified in the URL: [email protected]
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Modify Registry (2)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)