General
-
Target
Nitro Sniper.rar
-
Size
14.7MB
-
Sample
241222-vereksvjel
-
MD5
dbf45a0652757cb5cc6badaf264d11d2
-
SHA1
943c65b7399cc229173804df45caa80a57869a11
-
SHA256
5c4846bd5c0464498c1453c420b8f47ab79bdf41b488826f22f6bf59ccc71e40
-
SHA512
92be7da9ca761cfe09fb495bd818a4642a05ac9ca0abc10da5ed23145efe68abe80d6ec5e4b1fdc17358f84030bae0d0b6a3751a036c3700f4fda379747e1d6a
-
SSDEEP
393216:GmPFE12qbjHVb/pT5R5z1Yt5gW8IAEF8eO3CLv7N:GuFE19jHVrpt/z1kydIKerL7N
Malware Config
Targets
-
-
Target
Nitro Sniper/Setup.exe
-
Size
13.9MB
-
MD5
ed5431fa054c82af3c8cceabf0cbd071
-
SHA1
89034408ecf3c0ee53cb59ac1abf9144af381b36
-
SHA256
9e26bac988acfb11c127496bac38db4aaceda542c4c9c33ba23417a340d7788c
-
SHA512
19eff4a9dd446e1b4e45eafa151068ae1e6749abfbafcdb1a64d7718685a0ccdcff28c98491af536cc47da3d07953e082d92b24f86dd8d188127bee4d77d56e2
-
SSDEEP
393216:MqPuYXJBx/m3pgDOEkSgsv9ot+Kc0WBD:9PuYXJBxKlAeru
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
Nitro Sniper/src/index.js
-
Size
4KB
-
MD5
e311402addce6aaad91bf6c6aff9f425
-
SHA1
975aac69441e7d420c965b1c78e1c839ea82a82b
-
SHA256
9df4f37553fd7dd75e7f0fb89dece21ff040cb039ebd2c1fd9ac28b6c589ddf1
-
SHA512
798c587c9faec8b0a3a82b879a2b4057e6012b1bff6a9a2f1a895ed11710afb1662f253b08c1c9487ac8e823ada84786b81bda39a6abc1a1aac09b0ca495e2f9
-
SSDEEP
48:bqzVWr+wqDwhoMMMMMMMwMMMMMMMMMMMMM/MMa9MMQMLhMpMs+Mj3M6sMMaMMNMU:bqJ++wqsM2mWfwEwrYUmeVAG3h+
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Client.js
-
Size
950B
-
MD5
5308bc76b33ab95e16ae67708fe301d4
-
SHA1
55f585fa9de8621981c8ee122c9b984b85bba421
-
SHA256
45a65c1d23f85507f10d274795d3f3f4f45be2f4ee214eb9b5cff5077a522733
-
SHA512
cc867653446bbc8826dcab46fcf1eb81937e239b1890a9d8cec6f6bf66f84fcc662a020be7e910b27df8a4ca1e73b90a7dcce6ad510576f829a7d3ed98859579
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Constants.js
-
Size
9KB
-
MD5
c761fd664700f98f55c733f2755128e1
-
SHA1
379adabba35320380089d3bd7cadef07f1fd7332
-
SHA256
0c6a06b3d3eb3ec6458cc59febabe6d9439ec326c2a2cdcbaef9ff499cf649ad
-
SHA512
db441b858c390114c77787a17ccd89cf730c65b8b6de5d25586c347ee7bb89fe5a6c471ddc6ac47dccab90e9cba3c5c9a32b26d20b4af2287a82a685e8ed0863
-
SSDEEP
192:0ruPjkChS52DCkU10MGdm90MGdmQaLWGAXwQMrBXeNrkW7rJO6Q8Wm76pR7+ULWf:0SAo+kU1sflXc8ptpC8b
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Dashboard.js
-
Size
590B
-
MD5
1d4753655fe73ec68ac0e75d40fcd7ea
-
SHA1
b2ec37589dddc52656b79e9cf24154c2ae34d04a
-
SHA256
ebdff572ef989d708a7c74e1d7c7da7295a83abee0668ff30d4a0e2e2fe0b87d
-
SHA512
d0bd69e1608ab18747625f3c67fb175afaf896f57023069416d3703e5bf7fc1f08ce646a0571a326ac93c0162d57ecb00f57ea7b4def98e3254ff4275f0dfbf2
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Logger.js
-
Size
1KB
-
MD5
4027567e8e3c01e0ac1d64ba070cc72a
-
SHA1
7be63a1ab735c835506f2ea2a7343404b25586e3
-
SHA256
500f8aa527395de6c3342968cde03c31624c9cb64454cf52532fc5bfc98744e9
-
SHA512
1123f9390c5b052c9423190a56ab916ed7f01b5847e5b187a853a675990b2d73d0c97199279826e443b5ea52f95212b4188b459cccb625a7d6778635cb3126e0
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Util.js
-
Size
854B
-
MD5
44f1c926dc2e889743d01da9b0bcce7e
-
SHA1
23ec555779c24a21720317b28019281770c63c0d
-
SHA256
84ccb9c07e7cc9543b7b9f415d57e249fdb180c7750e3193402bf46190ce27bf
-
SHA512
3260610627e648d7da614c3fdb6864f4504697b301203635f9ec88fe9b3138cb87a419014600c02309ec15e42119a11fa49aa5416b84300c7ad695ad284a18de
Score3/10 -
-
-
Target
Nitro Sniper/src/lib/Webhook.js
-
Size
2KB
-
MD5
1b56afe863803fb0be2f79b9e3411f6a
-
SHA1
1e1f75a2efe1b372b478ff2ec704942b2f91eb5c
-
SHA256
d8df89c90e23c8faebdd2edd5ce08f06f735838b0a38e12f05170f7738e55d03
-
SHA512
4085ccfe1a76c70aa009fb5f98f5dd53c8313c38b919d59af84858f46130223af3290dc169b697bb4c16f4896f9c594b690443f26f143072636a42217739084f
Score3/10 -
-
-
Target
Nitro Sniper/src/modes/alts.js
-
Size
821B
-
MD5
e4b02b041c47c06df228a972aedaba08
-
SHA1
3b7e6fe085c641ed6f3ab2cc71a3b60547611e2b
-
SHA256
fe89c2ff11af01e3ca8c16ef40d939a1640ffe6b4b34d168eaae0d994c8866b4
-
SHA512
ad389ae233b128dee797f8cce26e3091f4fc1b36daf1eba57d57a1e690724e32e5de8088c8339828eb23297cd02f1c32480fc0e0fd9bb5b4cc65321fca91809f
Score3/10 -
-
-
Target
Nitro Sniper/src/modes/both.js
-
Size
1KB
-
MD5
ff1b8ff0987ddb09a837c6625db01e68
-
SHA1
242fb54ab8f7f40c4180ecae51dd7aba6ce999f1
-
SHA256
bfbfa0f39154c99b7b87c08514cec2bef17632ea0dcf0afb462dcc6c5bb49ee4
-
SHA512
2dfcb922b30dd3821b80d635e76667f96db47e9ab9b2547305969b03d69ef7673341f07895caac23766515b3dbcef8ebe4c485978de4dd4460df539b556407fb
Score3/10 -
-
-
Target
Nitro Sniper/src/modes/index.js
-
Size
236B
-
MD5
2fc8faef3ddc0ab1b7fbc202d95c9ad2
-
SHA1
9219c705714c105ef26b5538453fb2c3c25f11ac
-
SHA256
0d7418562c920930e7de36a005e60ee76dd7bc23b9f613d3a71e302a9942da67
-
SHA512
8eb9c4ea998577b7863d9540612ca2b2d0fbfa3047e1dfb083607a29c859d466af205f1d608cb4eef2119740cf3bc3823d349d79b116c20e927e7c13db51786a
Score3/10 -
-
-
Target
Nitro Sniper/src/modes/main.js
-
Size
687B
-
MD5
9dabf2dfd0b1c4aa5f851ddbf4188f99
-
SHA1
104281c764e0015e6a6d30e7a4d2a6971c653955
-
SHA256
a14087c132c76fda80ff61b789ddf9ab9ce24a388decce96ca02927f660c3591
-
SHA512
ebf348eae049d6d86bdd9f62fedce4a1988d61d7bf68712a46868deb01fb58edc1ba9c8ac48b017e70e4d081c004dae7e3d642ea431ab1fb1dc721aa83e73f5a
Score3/10 -
-
-
Target
Nitro Sniper/src/modules/Giveaway.js
-
Size
7KB
-
MD5
f3355fa45e7f28356c2234e548227e2f
-
SHA1
20a3603b51332611e19aff356d55b852f3eb9e33
-
SHA256
95bda2eac4c52edc6b9fccec0493142a6c962121f2fe233e4082aefcb0087bc7
-
SHA512
bfae432d9c764add9a2a3035eaa1187df128c41255bdf4e747715b22ab1a0c0d59307bc09cc1822569ad2513d65a5e02b47ba71230930a724d00002214810b3c
-
SSDEEP
192:DSf7NHDIYwUqTrPECsDhYWe5zEqdEKmv3ZL3PR1zUYcGRZ2RPI5+ppLh0Nvs/w3D:DM72pTrPjREaEKS71o3Vh0aC
Score3/10 -
-
-
Target
Nitro Sniper/src/modules/Invite.js
-
Size
5KB
-
MD5
a388c32d33911443f90c122db1f71f0f
-
SHA1
a49344ef206b1fd873476d34d007c9aed46b43e8
-
SHA256
095c7b1305141bb075629ff2acc442fe97560d51827a61d6c31aa834cd67fb42
-
SHA512
76b03ebe7e9b2e0d7c60359a98c2bcbec6b337aa97baf03a6831a5f1589c6bcdda4a182abfa2ed5a9291454e61bb9e44062dd1bdc91f90d0ba08efeec6727eeb
-
SSDEEP
96:DmYZBoWTMDqj77a18mPNUwvQQ/72U4qjoPSEYlP5hW+fV:Dms9MWANvf/72UP/K+N
Score3/10 -
-
-
Target
Nitro Sniper/src/modules/Nitro.js
-
Size
4KB
-
MD5
2ee0d547fa4fc3ade70662f39bf001bd
-
SHA1
8ba32e147d84dace3bf75f6eb79001e14f427a46
-
SHA256
faef74af87e57de1bae97ad74b3e2fe8548d94785183da6b6225b4229ed7917f
-
SHA512
3f0afa075336cd43b86e6f151d20086d02cb0e798938c02dfcb8a3247e3928c01c0b3e87c7c49f340c58f843c719f21d4baef81109e8dc5b07dc9dbd61ca8639
-
SSDEEP
96:9U6WpiIFi+Kqjoya1TcWqjohPN2IABNZ7Le5FdSskjc8E:9U6WpiIFNCZ2aEJNpe5FwhE
Score3/10 -
-
-
Target
Nitro Sniper/src/modules/index.js
-
Size
236B
-
MD5
2fc8faef3ddc0ab1b7fbc202d95c9ad2
-
SHA1
9219c705714c105ef26b5538453fb2c3c25f11ac
-
SHA256
0d7418562c920930e7de36a005e60ee76dd7bc23b9f613d3a71e302a9942da67
-
SHA512
8eb9c4ea998577b7863d9540612ca2b2d0fbfa3047e1dfb083607a29c859d466af205f1d608cb4eef2119740cf3bc3823d349d79b116c20e927e7c13db51786a
Score3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Netsh Helper DLL
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1