Resubmissions

02/05/2025, 16:00    250502-tfz8fassbs    8

02/05/2025, 15:58    250502-tevxbsssav    10

General

  • Target

    Nezur_Beta (2).zip

  • Size

    1.4MB

  • Sample

    250502-tfz8fassbs

  • MD5

    432f5d6252bed8f9cf6121dfdf1ccb19

  • SHA1

    1894ba765b54af6b1b44f6340a7410843ce18671

  • SHA256

    a51b1cb25a5165049ca1b6074d71bbcb15dc98c0498b4cf95e64149aff05f65e

  • SHA512

    053e7db178f821e05cb8a2fde75f46e70d1dc7e21c6ea3181b256b1727764b7299b3fe92b7fdbbaed33ff3e640c3d1b269d7e0f243ec02098f3c4f6e8b2e81b8

  • SSDEEP

    24576:PUjoHwFDQJbiuknXnLl29ZnXdoSthHtwpkB+Dg75hsIl9SnmD0jG/LAFlwZvqfBM:JwtQJ2XnLY9ZnXdoSTHtAY+DgNhLSa0E

Malware Config

Targets

    • Target

      Nezur_Beta (2).zip

    • Size

      1.4MB

    • MD5

      432f5d6252bed8f9cf6121dfdf1ccb19

    • SHA1

      1894ba765b54af6b1b44f6340a7410843ce18671

    • SHA256

      a51b1cb25a5165049ca1b6074d71bbcb15dc98c0498b4cf95e64149aff05f65e

    • SHA512

      053e7db178f821e05cb8a2fde75f46e70d1dc7e21c6ea3181b256b1727764b7299b3fe92b7fdbbaed33ff3e640c3d1b269d7e0f243ec02098f3c4f6e8b2e81b8

    • SSDEEP

      24576:PUjoHwFDQJbiuknXnLl29ZnXdoSthHtwpkB+Dg75hsIl9SnmD0jG/LAFlwZvqfBM:JwtQJ2XnLY9ZnXdoSTHtAY+DgNhLSa0E

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      Nezur_External.exe

    • Size

      2.8MB

    • MD5

      a3a09b3635903b2a3b566a9d1e5e5f2c

    • SHA1

      21aa6effa8200962c7be302fb81ad71fd812ed03

    • SHA256

      5786d2dbfd21fe4c63751d78e8b3fa99ef80aa9a6b51de8dc11dc47a78ff27ce

    • SHA512

      f292728b736eb96a57d825989d2ae6a1f29e5937a67a2a08bf01620183a1e81e2dda96dcfb622cd6eec0af44c42770f8ea66bd8244825b495335c2b8882eb432

    • SSDEEP

      49152:BsuvCr3Y/4z2945U1EQfFmaFgM6b1Sxn05AaplE:Bi52fUaM/plE

    Score
    1/10
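Four of the behaviour signatures listed above for Nezur_Beta (2).zip (the two HideFromDebugger signatures, the Uninstall key enumeration and the UAC check) are the kind a sandbox derives from the process's API-call trace. The following Python is an added example, not part of the report and not the sandbox's own rule set: it parses a small constructed trace in a made-up "pid api(arg=value, ...)" format and re-derives those four signature names from it. The constants are the real Windows values (ThreadHideFromDebugger is THREADINFOCLASS 0x11, THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER is 0x4, UAC is controlled by the EnableLUA value under the Policies\System key); the trace lines, handles and addresses are constructed for illustration.

```python
"""Re-derive sandbox behaviour signatures from a (constructed) API-call trace.

Added example; the trace format and the rule logic are assumptions, the
Windows constants are real.
"""
import re
from dataclasses import dataclass

THREAD_HIDE_FROM_DEBUGGER = 0x11                      # THREADINFOCLASS for NtSetInformationThread
THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER = 0x00000004   # NtCreateThreadEx CreateFlags bit

# Uninstall key, native or WOW6432Node view, followed by a subkey or end of string.
UNINSTALL_KEY_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)
UAC_POLICY_KEY = r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"

# Constructed trace (not from the report): one call per line, "pid api(k=v, k=v)".
SAMPLE_TRACE = r"""
# constructed sample trace
4120 RegOpenKeyExW(Key="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", Access=0x20019)
4120 RegEnumKeyExW(Key="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", Index=0)
4120 RegOpenKeyExW(Key="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", Access=0x20019)
4120 RegQueryValueExW(Key="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", ValueName="EnableLUA")
4120 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, Length=0)
4120 NtCreateThreadEx(ProcessHandle=0xffffffff, CreateFlags=0x4, StartRoutine=0x7ff6a0c01230)
4120 NtSetInformationThread(ThreadHandle=0x1f4, ThreadInformationClass=0x2, Length=4)
4120 NtCreateThreadEx(ProcessHandle=0xffffffff, CreateFlags=0x0, StartRoutine=0x7ff6a0c01560)
"""


@dataclass
class Call:
    pid: int
    api: str
    args: dict


def _parse_value(raw):
    """Quoted strings stay strings; hex and decimal literals become ints."""
    raw = raw.strip()
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1]
    if raw.lower().startswith("0x"):
        return int(raw, 16)
    if raw.isdigit():
        return int(raw)
    return raw


def parse_trace(lines):
    """Parse trace lines into Call objects, skipping blanks and '#' comments."""
    calls = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\d+)\s+(\w+)\((.*)\)$", line)
        if not m:
            continue
        pid, api, argstr = m.groups()
        args = {}
        for part in argstr.split(", "):       # registry paths contain no ", "
            key, _, value = part.partition("=")
            args[key.strip()] = _parse_value(value)
        calls.append(Call(int(pid), api, args))
    return calls


def match_signatures(calls):
    """Return the set of signature names the trace triggers."""
    hits = set()
    for c in calls:
        if (c.api == "NtSetInformationThread"
                and c.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER):
            hits.add("Suspicious use of NtSetInformationThreadHideFromDebugger")
        flags = c.args.get("CreateFlags")
        if (c.api == "NtCreateThreadEx" and isinstance(flags, int)
                and flags & THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER):
            hits.add("Suspicious use of NtCreateThreadExHideFromDebugger")
        key = str(c.args.get("Key", ""))
        if c.api in ("RegOpenKeyExW", "RegEnumKeyExW", "NtOpenKey") and UNINSTALL_KEY_RE.search(key):
            hits.add("Checks installed software on the system")
        if (c.api == "RegQueryValueExW" and c.args.get("ValueName") == "EnableLUA"
                and UAC_POLICY_KEY.lower() in key.lower()):
            hits.add("Checks whether UAC is enabled")
    return hits


def report_signatures(trace_text):
    """Convenience wrapper: trace text in, sorted signature names out."""
    return sorted(match_signatures(parse_trace(trace_text.splitlines())))


if __name__ == "__main__":
    for name in report_signatures(SAMPLE_TRACE):
        print(name)
```

The two anti-debug calls deserve a note when reading a report like this: once a thread has been marked ThreadHideFromDebugger (or created with the 0x4 flag), it stops delivering debug events, so a debugger attached afterwards will silently miss exceptions and breakpoints on that thread, while a sandbox hooking the call itself still sees it, which is why the trace-based signature fires. The Uninstall key walk is the standard way to fingerprint installed analysis tools and VM guest additions, and a non-zero EnableLUA tells the sample whether an elevation prompt stands between it and administrative actions.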

MITRE ATT&CK Enterprise v16

Tasks