592abf8a884553d34b1a4b27ce12d51ad8dcaa2c35db7b004e37fcc642185405 | Triage

Resubmissions

20/11/2024, 14:55

241120-sal8ysyfpj 7

20/11/2024, 14:54

241120-r9z4essqgp 7

Sharing

General

Target

NitroGenerator-Checker-main.rar
Size

8.3MB
Sample

241120-sal8ysyfpj
MD5

cecae080f9a2005a9afa0f96bce6f2e7
SHA1

93f5154b216c4a862e6a4e6ea81f64a7a06dc9ab
SHA256

592abf8a884553d34b1a4b27ce12d51ad8dcaa2c35db7b004e37fcc642185405
SHA512

0e5720b892ff1abfdae0c42fc970e94b5c307ea43931b9a6598cc7b12fe5e1f12a27c2c88c9b95567d77e017feeb30d84abd5c101bf2e14119109e666ed94866
SSDEEP

196608:a9Rza1/MMedj8DhtneFHt9LOHgjN0CWKHzGB/7Vz7VZ5C+v:gi/MM+j8DhqHtNagjkWk7V35C+v

Score

7^/10

discovery pyinstaller

Malware Config

Targets

- Target
  
  NitroGenerator-Checker-main.rar
- Size
  
  8.3MB
- MD5
  
  cecae080f9a2005a9afa0f96bce6f2e7
- SHA1
  
  93f5154b216c4a862e6a4e6ea81f64a7a06dc9ab
- SHA256
  
  592abf8a884553d34b1a4b27ce12d51ad8dcaa2c35db7b004e37fcc642185405
- SHA512
  
  0e5720b892ff1abfdae0c42fc970e94b5c307ea43931b9a6598cc7b12fe5e1f12a27c2c88c9b95567d77e017feeb30d84abd5c101bf2e14119109e666ed94866
- SSDEEP
  
  196608:a9Rza1/MMedj8DhtneFHt9LOHgjN0CWKHzGB/7Vz7VZ5C+v:gi/MM+j8DhqHtNagjkWk7V35C+v
Score

7^/10

discovery pyinstaller
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  NitroGenerator-Checker-main/Nitro Codes.txt
- Size
  
  3.7MB
- MD5
  
  21c4baafb432cb0fd2f3489f5ad5e707
- SHA1
  
  8aef62cfa7b3ab10a3d01bbd0e5f1737f6baccfc
- SHA256
  
  52e409c4c07c99e313dc53cdd3f4b92081063898130ea327715d38392ca37d93
- SHA512
  
  ffcd3c7dac566d49fa53cc322dec28179640a800b3ed2f8d3fa4e8686cd516403ce5ab273cf2433ceba70838273ea3e4463321cd158c82162ee2c24847fc2fbf
- SSDEEP
  
  24576:ndlyk8aPr+gNRvjQUkjOZVvfBHcdkF6aOmnYAHoK1RzE:dtt5I0bZm
Score

3^/10
behavioral3 behavioral4
- Target
  
  NitroGenerator-Checker-main/NitroTool.exe
- Size
  
  7.3MB
- MD5
  
  3b7a4518fc3e2dce7e9d26b73823683c
- SHA1
  
  b1ede38974d1be0e771eeca02b4cb3eea6553ffd
- SHA256
  
  bae1f61c77b66a9821282a3739db03ebf4bce619e1ed57e1bfea780776d735a1
- SHA512
  
  b01fcb882275ff6cc589d22a6fbdbb3b91c49136c2656eda6761e1e0792d8329431627d90ac94728b29a8a7faf4ade867ed0a343bc8c30a9eb6d9062543f3743
- SSDEEP
  
  196608:SeQ0Vi+gp1DM9onJ5hrZER9xQ3jo4UR7+N0sTDBVW0:MpNM9c5hlER9xA2RS1D
Score

7^/10

discovery
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral5 behavioral6
- Target
  
  NitroTool.pyc
- Size
  
  6KB
- MD5
  
  1b3b73e54e1b1ecd5fd9e93ad8509d71
- SHA1
  
  dcfd954b5565ca9e1dc5dc77e991d0e160a6d1e9
- SHA256
  
  78df7be06e01d98790df6a7326c6f232f998a0203e585e2a2e6127838ab37eac
- SHA512
  
  cafb114c61c0387f60da3943004547ebb1e5af52df00d06eb06ab34af7b1a10308773c9c5b83087117ab0182f3098f848cd868c6017f26399f9a0fb32f0db4c9
- SSDEEP
  
  192:0k1HM8ytEQoQdzQFghyf//E09Hhyf//sPTmve9mhyf//6Zsu:hvQoQdzQFghyf//79Hhyf//sLmve9mhx
Score

3^/10
behavioral7 behavioral8
- Target
  
  NitroGenerator-Checker-main/NitroTool.py
- Size
  
  9KB
- MD5
  
  0dcede35098af745841fd694c5defaec
- SHA1
  
  972b80936731e501028dbf3869a97b0dd29022f5
- SHA256
  
  9fba3a35dc4c3760eaaea891c9fbe2da22ee8cb2bf38f872cd4cccd95553c4b3
- SHA512
  
  5984ed7c6a2ea9c10b4feef18387e3cca5186b0369f926755b3536919e5918854a350782f1b4e931cc06c9df2caea7ec6ddf9a05f6066d383d5215b1093fb90a
- SSDEEP
  
  192:pzIm8O1O8mtmQoQvzQFrhyf//8U1O8mtmQoQvzQFrhyf//xiTX1O8mtmQoQvzQFn:pUmDQoQvzQFrhyf//8AQoQvzQFrhyf/S
Score

3^/10
behavioral10 behavioral9
- Target
  
  NitroGenerator-Checker-main/README.md
- Size
  
  173B
- MD5
  
  23abde2d646a5f7c909cdb1355abb9fa
- SHA1
  
  5edcaf9a0fa9d0f010b399a13d33e6c47d796871
- SHA256
  
  1be43a7cb0fc72487016969f09f043f74403a5bb28f29927156123467b9fd4a1
- SHA512
  
  8239b0fb9426d83ea4063c3d5bdf4beb6bb7dde3bf5623e8b479083a2fc7fb8544cc1a3dde321b102efb267b71a7bd27b12fcc70dfedcc0dd833d8848456c920
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypyinstaller

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12