Download - -nxprime.in- Gobaku-moe-mama-tsurez... <Latest>
Risk Assessment
Recommendations (high‑level)
| Behaviour | Description |
|-----------|-------------|
| Initial Execution | Creates a temporary directory C:\Users\<User>\AppData\Local\Temp\random |
| Network | Sends HTTP GET to http://cdn.nxprime.in/payload.bin (GET response is a second-stage PE). |
| Persistence | Adds registry key: HKCU\Software\Microsoft\Windows\CurrentVersion\Run -> "C:\Users\<User>\AppData\Local\Temp\random\payload.exe" |
| Process Injection | Injects into explorer.exe to hide windows and gain higher privileges. |
| Ad‑Injection | Modifies the user’s default browser (Chrome/Edge) to load additional ad scripts from ads.nxprime.in. |
| Data Exfiltration | Posts JSON with hostname, username, public IP to http://track.nxprime.in/collect. |
| Anti‑Analysis | Checks for debugger (IsDebuggerPresent) and sleeps 30 s if detected. |
| File Dropping | Drops a copy of itself renamed msedge.exe in C:\Program Files (x86)\Microsoft\Edge\Application\. |
Given the filename or search query "-nxprime.in- gobaku-moe-mama-tsurez...", if this were related to anime or video content:
Content Title: Gobaku Moe Mama Tsurezure - nxprime Special Edition
Description: A special compilation or edition of the popular series, possibly including exclusive content or scenes.
If it is software or coding related:
Content Title: nxprime - Gobaku Moe Mama Tsurezure Plugin
Description: A plugin or module for a specific software or development environment, named after or inspired by the popular culture reference.