Analysis
-
max time kernel
121s
-
max time network
122s
-
platform
windows7_x64
-
resource
win7-20240903-en
-
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
-
submitted
24-12-2024 02:27
Behavioral task
behavioral1
Sample
nigger.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
nigger.exe
Resource
win10v2004-20241007-en
General
-
Target
nigger.exe
-
Size
6.8MB
-
MD5
5fdcf4f18f5f60842beb0e6b6a7ca838
-
SHA1
9aae3c14069e0136fe6793f83d471272c0cde0ad
-
SHA256
ff7fafddc1870fbcee419e7d1992606cc8006677187125b6cc57c9dc01f02a69
-
SHA512
24c7a836ede996a538d484864bb6f5046a0c57a4f6976be7e46efcf39fcdf19aea0ce6cc3f3631e6b05d0dbb1cc1b99908a567ee01a84d2dd4515c7dbacf2096
-
SSDEEP
98304:cdFkwN+MdA5wqSnWiP8MMhJMjarJaon7JPzf+JiUCS3swhzqgez7DovaDJ1n6hB9:cXV1vmB6ylnlPzf+JiJCsmFMvln6hqgT
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid | Process
2784 | nigger.exe
-
resource | yara_rule
behavioral1/files/0x0005000000019263-21.dat | upx
behavioral1/memory/2784-23-0x000007FEF6300000-0x000007FEF68EA000-memory.dmp | upx
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 2224 wrote to memory of 2784 | 2224 | nigger.exe | 31
PID 2224 wrote to memory of 2784 | 2224 | nigger.exe | 31
PID 2224 wrote to memory of 2784 | 2224 | nigger.exe | 31
Downloads
-
Filesize
1.6MB
-
MD5
1e76961ca11f929e4213fca8272d0194
-
SHA1
e52763b7ba970c3b14554065f8c2404112f53596
-
SHA256
8a0c27f9e5b2efd54e41d7e7067d7cb1c6d23bae5229f6d750f89568566227b0
-
SHA512
ec6ed913e0142a98cd7f6adced5671334ec6545e583284ae10627162b199e55867d7cf28efeaadce9862c978b01c234a850288e529d2d3e2ac7dbbb99c6cde9b