2c9b95d6f1a7f5bcee7eef56bc3ac1743360b25458d6e00d0afcd94ff413eeea | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Lexi Belle...he.exe

windows7-x64

7

Lexi Belle...he.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

1bf44587e4d68973258e8aa09c411128
Size

321KB
Sample

231225-nyzrqsfbgk
MD5

1bf44587e4d68973258e8aa09c411128
SHA1

3c5a59476c24bd658ad0b730a95376e1882c9a6e
SHA256

2c9b95d6f1a7f5bcee7eef56bc3ac1743360b25458d6e00d0afcd94ff413eeea
SHA512

783c95aa4f83f4300601a7c3ca20191ab3568635a172d3d695ae439920fef1633636edd50ebe17dee26a09704d845716e3f4a631a78bcdddbe08eac7c51e7a13
SSDEEP

6144:MCfb2VWDA0bEJ3sIXcKWDeqmm9azFNSzdjyDxWgoJw4qv7LSTd4c5Mlx/Y6bp6f:pyVWM0bEJ3NZQmgKFNS4LKd9mlJMf

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Lexi Belle Jordan Ashe.exe

Resource

win7-20231215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Lexi Belle Jordan Ashe.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Lexi Belle Jordan Ashe.exe
- Size
  
  206KB
- MD5
  
  86aeead8d2c7d719840ac15145d38225
- SHA1
  
  39e421ef74894f5444d361fcd3bbfee2a8940c03
- SHA256
  
  4670442ed890a0355638a9d4169b21e02678fcf0c2d60033f8c88972ab5853e0
- SHA512
  
  71acdd346f57d27998cfafdf1fdceeffb883abdeda43ad6930cc60f14113c0a2f87a2acfd7a93a56cc211223f8ba3a314c2bb35e1addb4cdc10d77d796c2bae8
- SSDEEP
  
  3072:UpIwq5WG6HGeVec7+zzTZEM+Z1KjRBNTC5vuMDOJ9iYinKx7ouoRZX9bAg0iZG:oq5WBGeVsXLxwu0OJ9e3lzX9cfiM
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy