General

  • Target

    Fluxus.exe

  • Size

    9.2MB

  • Sample

    240107-xlcwwabghl

  • MD5

    3ab53155c4bdf2d597b01fcbed08d9f0

  • SHA1

    ea5954af9b8f6002b0d9846169fd4f6e857e9edd

  • SHA256

    1a2354417a8da9eb981c11a7502d04aa4414908e34eb3031bf5be70c112c72bc

  • SHA512

    1b5243f2b54dd644c42c0af624af6acf7d11c92ef5d4d8258b26bbc6837b4e803b9f2c11c8c2bb34012cbf845abc732ca1e0a275385b336d191369cac2fa8fc4

  • SSDEEP

    196608:QW0cDedIK36BDLjv+bhqNVoBKUh8mz4Iv9PFu1D7R0o:AiedF36JL+9qz8/b4ITuRSo

Malware Config

Targets

    • Target

      Fluxus.exe

    • Size

      9.2MB

    • MD5

      3ab53155c4bdf2d597b01fcbed08d9f0

    • SHA1

      ea5954af9b8f6002b0d9846169fd4f6e857e9edd

    • SHA256

      1a2354417a8da9eb981c11a7502d04aa4414908e34eb3031bf5be70c112c72bc

    • SHA512

      1b5243f2b54dd644c42c0af624af6acf7d11c92ef5d4d8258b26bbc6837b4e803b9f2c11c8c2bb34012cbf845abc732ca1e0a275385b336d191369cac2fa8fc4

    • SSDEEP

      196608:QW0cDedIK36BDLjv+bhqNVoBKUh8mz4Iv9PFu1D7R0o:AiedF36JL+9qz8/b4ITuRSo

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      �nT��ž.pyc

    • Size

      1KB

    • MD5

      89fce81457275c27ea48b1d34ad20da4

    • SHA1

      e1bd6d03896caf822777116f23d42cc000f7a9c6

    • SHA256

      da04f2e2ff62751818a0065e776630b4cbd181e774db71c7e73c1495b75a959d

    • SHA512

      96a6009f3b6bb4fe03460b2c22c07766cd7968084863f9b52905c5b8d6210d9ef3351bc1230a504f4128a72cdfbcadbf8ac0508a6475bad72726822263ced238

    • Score

      1/10

MITRE ATT&CK Enterprise v15