Resubmissions

13-02-2024 03:28

240213-d1bskshe72 7

13-02-2024 03:26

240213-dzfp5shd54 7

General

  • Target

    Lucifer_21.zip

  • Size

    20.7MB

  • MD5

    bc5a64e94d9ae6a90d1e3e5527aef946

  • SHA1

    537c3fc0c54a8bb3dc8e8651c645dae30662fb17

  • SHA256

    07548b3bd8978a673ba74f5949d438685b8e569e092d057d04f305655714494b

  • SHA512

    ec301b266fdae6a87ed439ac274803ed9f549cd3f880403a55e1a803f3c1ee758dd48fb1f98a1cbc85cd9f2ce9bc82dac936ef5884a19674602e8cca8a6fdc3f

  • SSDEEP

    393216:78VilnYOjCeWHx3j8iAAUgBZZaMWqOqzZCeMlqmE9ESt3inwnqiSWh5ohxvvhxj3:78IGOjKHZ9AAUg8VqOqVhErE9v3iPWQp

Score
7/10
upx

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Lucifer_21.zip
    .zip
  • Lucifer/app
    .elf linux x64
  • Lucifer/attacks.json
  • Lucifer/branding/admin.tfx
  • Lucifer/branding/banner.tfx
  • Lucifer/branding/credits.tfx
  • Lucifer/branding/expiredmsg.tfx
  • Lucifer/branding/failedusermsg.tfx
  • Lucifer/branding/help.tfx
  • Lucifer/branding/hub.tfx
  • Lucifer/branding/info.tfx
  • Lucifer/branding/layer7.tfx
  • Lucifer/branding/loginmsg.tfx
  • Lucifer/branding/logs.tfx
  • Lucifer/branding/methods.tfx
  • Lucifer/branding/msg.tfx
  • Lucifer/branding/rules.tfx
  • Lucifer/branding/splash.tfx
  • Lucifer/branding/tools.tfx
  • Lucifer/build.sh
    .sh .ps1 linux polyglot
  • Lucifer/cnc.exe
    .exe windows:6 windows x64 arch:x64

    c7269d59926fa4252270f407e4dab043



  • Lucifer/cnc/attack.go
  • Lucifer/cnc/auth.go
    .js
  • Lucifer/cnc/branding.go
  • Lucifer/cnc/captcha.go
  • Lucifer/cnc/check.go
  • Lucifer/cnc/cnc.go
    .js
  • Lucifer/cnc/conf.go
  • Lucifer/cnc/database.go
  • Lucifer/cnc/execute.go
  • Lucifer/cnc/functions.go
    .js
  • Lucifer/cnc/iplookup.go
  • Lucifer/cnc/main.go
  • Lucifer/cnc/pass.go
  • Lucifer/cnc/poly.go
  • Lucifer/cnc/qrcode.go
    .js
  • Lucifer/cnc/reader.go
  • Lucifer/cnc/reload.go
    .js
  • Lucifer/cnc/shout.go
  • Lucifer/cnc/stores.go
  • Lucifer/cnc/struct.go
  • Lucifer/cnc/terminal.go
  • Lucifer/cnc/totalattacks.go
  • Lucifer/createdb.md
  • Lucifer/geobssid
    .elf linux x64
  • Lucifer/iplookup
    .elf linux x64
  • Lucifer/json/apis.json
  • Lucifer/json/configure.json
  • Lucifer/json/funnel.json
  • Lucifer/json/prompt.json
  • Lucifer/json/title.json
  • Lucifer/license.key
  • Lucifer/logs/acclogs.txt
  • Lucifer/logs/apilogs.txt
  • Lucifer/logs/commandlogs.txt
  • Lucifer/logs/failedlogins.txt
  • Lucifer/logs/logins.txt
  • Lucifer/logs/sharingdetction.txt
  • Lucifer/nmap
    .elf linux x64
  • Lucifer/phonelookup
    .elf linux x64
  • Lucifer/sumhash
    .elf linux x64
  • Lucifer/titleshit/2fatitle.tfx
  • Lucifer/titleshit/captchatitle.tfx
  • Lucifer/titleshit/expiredtitle.tfx
  • Lucifer/titleshit/failedtitle.tfx
  • Lucifer/titleshit/logintitle.tfx
  • Lucifer/whois
    .elf linux x64