General

  • Target

    Fluster.Installer.exe

  • Size

    20.6MB

  • Sample

    231106-npdg5scd76

  • MD5

    a38061b6378ce80dec21156a3be93bfc

  • SHA1

    b53d6e1f809b83c31b305b28c566bc7c4f16ae71

  • SHA256

    23293cb46bc0420025be9a619d0449158feac56bae08846d987dd52872d272ad

  • SHA512

    101a4b58b16e73c662a571408688188e8ca890e8f199762270af2d97e783c925f6c627fbf4f49613d652cc523820963a79a92d51b69ccfbc46a987b33f0dfe92

  • SSDEEP

    393216:VUdMOZ0JTQDXYCxnOshouIkPUktRL5KkJb8LgSUu16RCOdMs9AC:VUdMOZ0JTQ7YCxOwouYktRLIaLSSW4j

Malware Config

Targets

    • Target

      Fluster.Installer.exe

    • Size

      20.6MB

    • MD5

      a38061b6378ce80dec21156a3be93bfc

    • SHA1

      b53d6e1f809b83c31b305b28c566bc7c4f16ae71

    • SHA256

      23293cb46bc0420025be9a619d0449158feac56bae08846d987dd52872d272ad

    • SHA512

      101a4b58b16e73c662a571408688188e8ca890e8f199762270af2d97e783c925f6c627fbf4f49613d652cc523820963a79a92d51b69ccfbc46a987b33f0dfe92

    • SSDEEP

      393216:VUdMOZ0JTQDXYCxnOshouIkPUktRL5KkJb8LgSUu16RCOdMs9AC:VUdMOZ0JTQ7YCxOwouYktRLIaLSSW4j

    Score
    9/10
    • Enumerates VirtualBox DLL files

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks