fae0ad410e0a2a4e8bdedcb9d1b0e1ebb36771077940648d6bc6e8aa1c98ba2d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

OxygenX-v0.8-for-windows.zip
Size

11.2MB
Sample

231011-v45nhadg94
MD5

0d638828bbfbe544a832e4fea68ab492
SHA1

d909a44479a84ae4e019cd19de929915c6fd73f5
SHA256

fae0ad410e0a2a4e8bdedcb9d1b0e1ebb36771077940648d6bc6e8aa1c98ba2d
SHA512

1e22f749d9ed925db7860a86ee6648981378fafdabe0c71cfc51b9d20a091fd13385441f42b57fa4ff85bf2e526be11842d328820426d13aa5ba23faf0e5f734
SSDEEP

196608:A7AOw877oOp/KbNDrZEHFFLFAIDhkqW8nNzJ3ZMvLWm5kl+Nu3fvEucbv1GoA8:Fx877N/cNDlsLL599hNzJ3ZMT6MNu3fQ

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  OxygenX-0.8.exe
- Size
  
  11.5MB
- MD5
  
  9f28ff9237fbcf94b2f944e2ac3df9d8
- SHA1
  
  31f3e616dd65bb2cc3dfd51a6d353e94b1f89e20
- SHA256
  
  53b696bf994fdb5241f1ff50750961ac357e99c5ac86789c86440708dee00bff
- SHA512
  
  547a59806c7fa8e350e7fbc9fdd203202a2b3c8805dad7a8e8a396c36505a399ed55ecd136d0c92f862fba0539328b6e6c2e7304db042adcabc58044871e6ef8
- SSDEEP
  
  196608:3DFAtcMPNP1SuVNSAJ9onJ5hrZEnhbJMFjT48RmU/3ZlsPvFZYizYM18CL1hQcfZ:TwB1P1HfJ9c5hlEnhyFntN3ZWFZYIYM2
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2