General

  • Target

    Luxury_Shield_7.1-UNRATTED.zip

  • Size

    7.4MB

  • Sample

    230620-a6x18ahb59

  • MD5

    b5269568508a146dbac5482b0f6d11f2

  • SHA1

    fedc7442a36b445fa9ebd685b6f296aed8f20e6f

  • SHA256

    9c0802d5fe06efc69746bfc48481cd194b099a82972ae31211bccf830c0d1de9

  • SHA512

    ca4fc5d65201945f4c0dbd1b638e8464f1092404b4ddf0eeaaf870752150487e8462c0518513a0262a1a9110fe7fc4818e045f6ff9e1245ab43d5f6b44492d08

  • SSDEEP

    196608:FArV1xKLyFfFO6pJMGGa1L+INjCNIkOT1C+TA3+:FArV1xKLyFfFO6LMdoL+GCy1C+TA3+

Score
7/10

Malware Config

Targets

    • Target

      Luxury Shield 7.1.exe

    • Size

      7.5MB

    • MD5

      9502776952e6900ae1f98934004b4293

    • SHA1

      3905f80a539d37c648a5da1cc6dace16d3516c2c

    • SHA256

      d8ca879cf734c21b84e3983a9245c4da2b38cfe23b1691e4ca265286c3782b1f

    • SHA512

      cbef89e577c883283ce3e9bb48e2ba9eda010e40e6cb1a383d99e32b728a9553cdb83e0831c0bff961fd271cee4eab921f53c97d9412e87bec4d0498400b5fbb

    • SSDEEP

      196608:I+fFDZ0h2bfZEm3B82YSJtsInP49CoKyMEwcGNSAG6:I+fFDZ0h2bfZEmR8VQtss492cGUAG

    Score
    7/10
    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
