Overview
overview (score 7/10)
Static
static (score 7/10)
FluxVerify[x32].exe
windows7-x64 (score 1/10)
FluxVerify[x32].exe
windows10-2004-x64 (score 1/10)
FluxVerify[x64].exe
windows7-x64 (score 1/10)
FluxVerify[x64].exe
windows10-2004-x64 (score 1/10)
Libloader[gui]v3.exe
windows7-x64 (score 7/10)
Libloader[gui]v3.exe
windows10-2004-x64 (score 7/10)
WebContent.exe
windows7-x64 (score 7/10)
WebContent.exe
windows10-2004-x64 (score 7/10)
node_modul...n/mime
ubuntu-18.04-amd64 (score 3/10)
node_modul...n/mime
debian-9-armhf (score 6/10)
node_modul...n/mime
debian-9-mips (score 3/10)
node_modul...n/mime
debian-9-mipsel (score 3/10)
node_modul...me.cmd
windows7-x64 (score 1/10)
node_modul...me.cmd
windows10-2004-x64 (score 1/10)
node_modul...me.ps1
ubuntu-18.04-amd64 (score 1/10)
node_modul...me.ps1
debian-9-armhf (score 1/10)
node_modul...me.ps1
debian-9-mips (score 1/10)
node_modul...me.ps1
debian-9-mipsel (score 1/10)
node_modul...DME.js
windows7-x64 (score 1/10)
node_modul...DME.js
windows10-2004-x64 (score 1/10)
node_modul...dex.js
windows7-x64 (score 1/10)
node_modul...dex.js
windows10-2004-x64 (score 1/10)
node_modul...DME.js
windows7-x64 (score 1/10)
node_modul...DME.js
windows10-2004-x64 (score 1/10)
node_modul...ten.js
windows7-x64 (score 1/10)
node_modul...ten.js
windows10-2004-x64 (score 1/10)
node_modul...DME.js
windows7-x64 (score 1/10)
node_modul...DME.js
windows10-2004-x64 (score 1/10)
node_modul...dex.js
windows7-x64 (score 1/10)
node_modul...dex.js
windows10-2004-x64 (score 1/10)
node_modul...ead.js
windows7-x64 (score 1/10)
node_modul...ead.js
windows10-2004-x64 (score 1/10)
General
-
Target
f4237f22e131216fc80bd6038ad92642_JaffaCakes118
-
Size
1.8MB
-
Sample
240416-xtqgyabf5x
-
MD5
f4237f22e131216fc80bd6038ad92642
-
SHA1
8573f56d0b8f0734820257a4be4529ff5ef90041
-
SHA256
fbd4e06219737ce801ecf9c15c10df19d60fcacbc73d7ecf54d21bd13839b73d
-
SHA512
949d65fd77d68477ac932c00c5484aedf8dfa8ba92eecf91c8fcac33a456c29bbbbbd76d361ff93a4996c4d3a5502b32cc009dfe71d5dca1267c0d74b9f52e36
-
SSDEEP
49152:sdmKWu4tsgTAcDdCYcbWFmCdEK9Hn5blOn8:fFu4tLLAn61dv9Hnfd
Behavioral task
behavioral1
Sample
FluxVerify[x32].exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
FluxVerify[x32].exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
FluxVerify[x64].exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
FluxVerify[x64].exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
Libloader[gui]v3.exe
Resource
win7-20240215-en
Behavioral task
behavioral6
Sample
Libloader[gui]v3.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
WebContent.exe
Resource
win7-20240319-en
Behavioral task
behavioral8
Sample
WebContent.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral9
Sample
node_modules/.bin/mime
Resource
ubuntu1804-amd64-20240226-en
Behavioral task
behavioral10
Sample
node_modules/.bin/mime
Resource
debian9-armhf-20240226-en
Behavioral task
behavioral11
Sample
node_modules/.bin/mime
Resource
debian9-mipsbe-20240226-en
Behavioral task
behavioral12
Sample
node_modules/.bin/mime
Resource
debian9-mipsel-20240226-en
Behavioral task
behavioral13
Sample
node_modules/.bin/mime.cmd
Resource
win7-20231129-en
Behavioral task
behavioral14
Sample
node_modules/.bin/mime.cmd
Resource
win10v2004-20240412-en
Behavioral task
behavioral15
Sample
node_modules/.bin/mime.ps1
Resource
ubuntu1804-amd64-20240226-en
Behavioral task
behavioral16
Sample
node_modules/.bin/mime.ps1
Resource
debian9-armhf-20240226-en
Behavioral task
behavioral17
Sample
node_modules/.bin/mime.ps1
Resource
debian9-mipsbe-20240226-en
Behavioral task
behavioral18
Sample
node_modules/.bin/mime.ps1
Resource
debian9-mipsel-20240226-en
Behavioral task
behavioral19
Sample
node_modules/accepts/README.js
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
node_modules/accepts/README.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral21
Sample
node_modules/accepts/index.js
Resource
win7-20240319-en
Behavioral task
behavioral22
Sample
node_modules/accepts/index.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral23
Sample
node_modules/array-flatten/README.js
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
node_modules/array-flatten/README.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral25
Sample
node_modules/array-flatten/array-flatten.js
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
node_modules/array-flatten/array-flatten.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral27
Sample
node_modules/body-parser/README.js
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
node_modules/body-parser/README.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral29
Sample
node_modules/body-parser/index.js
Resource
win7-20240319-en
Behavioral task
behavioral30
Sample
node_modules/body-parser/index.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral31
Sample
node_modules/body-parser/lib/read.js
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
node_modules/body-parser/lib/read.js
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
FluxVerify[x32].exe
-
Size
155KB
-
MD5
f02cfeaff546b43762f9039c3fa1e8ef
-
SHA1
464bf15c3965c0247daa97b2bf0ad6a281602ce9
-
SHA256
97281f7b433676f095b2da8f54408c145676ce832a2c686dda29fac6c7bf4845
-
SHA512
a1e217349e18f7ab205830bbfdbdd52d07f22d8b8a7219b3690f31881040148fbd473c2e16c3a10d5bf3d6aed302dfd350eb9dc1710781e3af4e49521f439ff9
-
SSDEEP
1536:E/7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfiwPzKEOG:EzFfHgTWmCRkGbKGLeNTBfiizK+
Score 1/10
-
-
-
Target
FluxVerify[x64].exe
-
Size
188KB
-
MD5
5f3a179c6cb93786f165fd1b4b6bd0d8
-
SHA1
64a2e5d4680bdcefd14d540ed55ba2fab60dada0
-
SHA256
cf417eba6d480dbfcbc9f7b54181a882fe4cbcb398dbac6d279df7e9a50552fd
-
SHA512
471c20eb8d8eecea56bdd3774e41e71ecd20714622291acff1b0b104d27d372532e10dd9e2445414f200ac32568cd1ac1c5a080834a72520b601c396773d2b33
-
SSDEEP
3072:auo1MlSEqhqJhJy0WTHW69B9VjMdxPedN9ug0/9TBfInzG+:a5oaqJhJMHW69B9VjMdxPedN9ug0/9T8
Score 1/10
-
-
-
Target
Libloader[gui]v3.exe
-
Size
53KB
-
MD5
fef898f65a421856128a61edd258515c
-
SHA1
01b8bc415ecd9cd0166005e929b93f97b5c04455
-
SHA256
86e602957a1139de61b5e32d45fce767569fc988a417d919b0bead8cf3411c90
-
SHA512
71a1931cdb7a7cd9aec9556c56d00df5c057ec330b81731cfe307fb29f2dc79d782c6e4954acac0fe8b5d17d0beded2988ce0ff1ddb84e9a6269f88f9fa02247
-
SSDEEP
768:7D07tj8r//9paWo27rhNAr1Swnwf9PGalhAg1WgbumTOKk0xT0qHAVCxFYMBdU7d:7cgJhX7rgSs9a4g1p7ck0qgEdWcDPpc
Score 7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
-
-
Target
WebContent.exe
-
Size
53KB
-
MD5
fef898f65a421856128a61edd258515c
-
SHA1
01b8bc415ecd9cd0166005e929b93f97b5c04455
-
SHA256
86e602957a1139de61b5e32d45fce767569fc988a417d919b0bead8cf3411c90
-
SHA512
71a1931cdb7a7cd9aec9556c56d00df5c057ec330b81731cfe307fb29f2dc79d782c6e4954acac0fe8b5d17d0beded2988ce0ff1ddb84e9a6269f88f9fa02247
-
SSDEEP
768:7D07tj8r//9paWo27rhNAr1Swnwf9PGalhAg1WgbumTOKk0xT0qHAVCxFYMBdU7d:7cgJhX7rgSs9a4g1p7ck0qgEdWcDPpc
Score 7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
-
-
Target
node_modules/.bin/mime
-
Size
308B
-
MD5
1415d6750f45e9c12a12c1495be6fd45
-
SHA1
40673a6bf1bde4266db78bc06a24c838361db1a6
-
SHA256
5f27a1c1b855b9fca31ae37e93dc617dc8bff620269e57a804642ef40d0194ed
-
SHA512
d4aebe424afbedecc407cd3506b3279b47ee11cfbb129a7ae5b352368b38db7b0379e6060244cbf0565aa2ecba52f297d97fe7865ce931e0a5817205757f4c19
Score 6/10
-
Checks CPU configuration
Checks CPU information that indicates whether the system is a virtual machine.
-
Reads CPU attributes
-
-
-
Target
node_modules/.bin/mime.cmd
-
Size
271B
-
MD5
d18b78ba63ebe3f96215a6f5443ea8c1
-
SHA1
6c1e3cf8501a2c60db994ff124bd71e71015b015
-
SHA256
721500ff545f048c666cd30f55250c3fbfeadb1d0535391a6d1f1c2404a39f6d
-
SHA512
bd22eb604de0c2d72aab7384272978a31e96e335a76727b3da0e8d78b86332afefed3044051dd8e87e95dd9de0ab38a65be86ea7b55f2b80702447b9f316622d
Score 1/10
-
-
-
Target
node_modules/.bin/mime.ps1
-
Size
478B
-
MD5
5ef323628f61e2e003bd818f3f0d0da5
-
SHA1
771c533638234bdcaed1f48a093ef20a4d2069e2
-
SHA256
c449606f93a3ec98f850bae37631e4af33e0f70241f02c193c12d31978d605f8
-
SHA512
a41beef9da1548db34b4cbd3fbe6f8c42506f36022532b4eaca58a89f7650efa720959b3fcd189dff73fbb798b2261684be28c00cc243225c360bd23f1c69df6
Score 1/10
-
-
-
Target
node_modules/accepts/README.md
-
Size
3KB
-
MD5
9e6a0252de997173ebb7a3ff44a785b8
-
SHA1
11cfc0c8f90b6888638f0ebd4a7d801ce9d7cb4b
-
SHA256
3e76fd7c24dbf300adc385e47ac4b8112adb712480dc6d469ae5e46e3ffb2606
-
SHA512
b7e7649cffb3e2770b5362ca896f1d83ac49c53d03270eb12249edf540e4f117667d18bdcbc102b5ea58270c4f6aee337782a279511676f179d5814479ed3de9
Score 1/10
-
-
-
Target
node_modules/accepts/index.js
-
Size
5KB
-
MD5
4fe4d2c90a2fd19d6e97443a7d24f815
-
SHA1
282263f45f6bf80fbf43f4097d53b5b60ff1a05f
-
SHA256
be2decbd50610e8f995c1e312ee4dd6d7c1244cfdf03ee4c4a3da68e572dada1
-
SHA512
c795b7285cc92616a46fd1ad2d00ce65fb4b269e6b6fc35315891d119b7c25b7f4573540be0627d577123201d9cfe119c8a53f0e75a8b6ea870f8d89a130c213
-
SSDEEP
96:oYG1MGmGHqyl8rAyBkmqFxo+uerpDWMlB8fdOGUJTit4UG9bCZhPwA:oYG1Xlqyl88yBD+uerRLD0YQ4rcZh9
Score 1/10
-
-
-
Target
node_modules/array-flatten/README.md
-
Size
1KB
-
MD5
328fdaf1ee65869341567f4fb6716e02
-
SHA1
98efa9e4bd6d6bca4ebb76991a2187a8a496c8b6
-
SHA256
071dd896356da12269508f361958ec622e47b27a96d7efdba23b671bc3470416
-
SHA512
40378eeeb21474e8be2962853b1d279ab8e167e68ebad08ae4e7932c131da317672852916bcc1000ec43a0163653c45158a9a8be819b4a6479163ac8c5391ca5
Score 1/10
-
-
-
Target
node_modules/array-flatten/array-flatten.js
-
Size
1KB
-
MD5
4b17fa06c54846b686b8b799e9dd253a
-
SHA1
fc6cc30e8b8ec09eeba62bac076ed627aa3ee8d1
-
SHA256
766ca145b6d25e3d60f352a716e8fa1876bcdf362c0767c360cf24f335bc281e
-
SHA512
72df1668f464f6942c484155b667086bb6f83f77e826ffcd146ee045079db3334aba270bffb66cdd796d4c9308121ec2a67a404289f19914c45d9a6c15435e71
Score 1/10
-
-
-
Target
node_modules/body-parser/README.md
-
Size
16KB
-
MD5
0b6a422b2b1b220d6f54adea76b538d5
-
SHA1
18c88955f51d497ca88baa540ad6f6c2a547642c
-
SHA256
6a99b516086b69f5b815b0886e72d5d9a7d7867de08d698d98d0ede3955cbb44
-
SHA512
e7f6ecf10f2da0b6bb15995e6546ed83096b2facf1b068ea76490fdfdbe68f69b7b0e0e2b53a2365f3bf52879cc21053159788821a2ad429a90947bf71416d0d
-
SSDEEP
192:e20Kv7yga3eyidkShRvtldaydA6H9wSu9bpIQVf3X/R0yV2aaGJ59n3z5v:KKNO4d/xdA6H9i9bKqvXpqy
Score 1/10
-
-
-
Target
node_modules/body-parser/index.js
-
Size
2KB
-
MD5
7b203b1ba7da7e9e3824e8c0c1708ea8
-
SHA1
1d17c3e4b7723f0af50892c025eab3fc6ccf11f7
-
SHA256
d584d690e2a5ffa3b9e7f13db3939a344d34f7ca38dc09b45af7c2fa7fe454e4
-
SHA512
44ea956c32a9bd14870dfb5e6ec404d2d83e7fb2bb35ef487337269f103e16a5926cb049daf4fbd17de24a36dac3079e8d8797166aedb969611db7e0a7c58202
Score 1/10
-
-
-
Target
node_modules/body-parser/lib/read.js
-
Size
3KB
-
MD5
046366a27279a7d65e7ae694823e76bc
-
SHA1
24039fd819e2e4451a7725efa655af639e617d8c
-
SHA256
61a96c9ad70f888cf3cdcb511118d150447ea3f14f7b7ba776a0e1cd70084dd7
-
SHA512
9398123d00b357dd8e3847fd5a61184675427d13d02689b5f033389172e00b33ef70e83c9042091ee9802a3297f5e74583f3acd439b723345912d42ea2239be3
Score 1/10
-