NightHawk Memory Obfuscation

Over the last year and a half, I’ve often seen mentions of a self-proclaimed “next generation malware” of the name NightHawk. Ordinarily, I’d know most of those claims tend to be nothing more than hubris, and choose to ignore it, but, I get bored. As such, I’ve chosen to start analyzing and tearing about the malware based on samples I acquired via VirusTotal, a hub which contains a plethora of commercial, closed-source, and open source samples. This research is done on my own time, and is not associated with anyone other than myself. I’ve torn about other similiar malware such as Beacon from Cobalt Strike.