General
-
Target
cyxum.exe
-
Size
1.1MB
-
Sample
230527-qdacfsbh76
-
MD5
394c60237c9e91bf7efc4832424ef51e
-
SHA1
a176bfac5c7c3c51075a54ee852a10c560e922dc
-
SHA256
fae2d370a412eacf6f1e7ab76a43f1c8bfba253a5b6630322aaecca9978ed957
-
SHA512
e5f25f03ffe24d12ca1b390833996a2f36c4c57455f42fff9e8a0a27e2841c4e5c20b32c6860324d414e6fee2c9de69a4ed7d7780eaa9ee8302ddc9d3dd7c25c
-
SSDEEP
24576:Us/3O8IbK5HdekH+lTZeO8uTRzKJeLjEeJtIVw/5zJx7K3BUUu:V/3O8XdekHkTZBRzK2jEcIu/NDK3Bc
Static task
static1
Behavioral task
behavioral1
Sample
cyxum.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
cyxum.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
cyxum.exe
-
Score
7/10
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-