NimProfiler Analysis
Malware Analysis, News and Indicators - Latest topics malware.news
By: Jason Reaves
Recently, while working on Metastealer samples, we pivoted and ended up discovering a new piece of malware written in Nim. The sample appears to be a system profiler but also leverages ngrok for C2.
299d491bb387f179792640f675f4b625e0e477a22a6dc4491aa5037c18509be4
One of the first things this sample does takes place inside PreMainInner, during the initialization portion of the executable; this contains a very extensive function that gets the name of the CPU:
The values can be seen above that …