General
Target: 2024-04-26_2696a373b015b79ec0ba62077a4cabe6_elex_lightbolt_mafia_skypams
Size: 16.8MB
Sample: 240426-3p5zqaee36
MD5: 2696a373b015b79ec0ba62077a4cabe6
SHA1: 34d8eb5774b3d3af8be8e1c1e7e353aff78967ef
SHA256: 394ad860cbc9d532803049e2c72abf62ddc613d681c0440b156291c6b5c4e6b5
SHA512: 9aaa7cc100d721dde2b137a81efdfbde69faf6df384922e31ad2b526495dd16cb5ce57a9f930b363432e02e76b0b6f41945d298722e6923a7bcde0a67c927cf2
SSDEEP: 196608:sKx4vtup77rruuPwJrEvB8H42LYy/19kjJITyOy/19J:sKx4vFu4rE58H48LbeVL
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-26_2696a373b015b79ec0ba62077a4cabe6_elex_lightbolt_mafia_skypams.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-04-26_2696a373b015b79ec0ba62077a4cabe6_elex_lightbolt_mafia_skypams.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Score: 9/10
Detects executables containing URLs to raw contents of a Github gist
Detects executables containing possible sandbox analysis VM usernames
Detects executables packed with ConfuserEx Custom; outside of GIT
Detects executables packed with or use KoiVM
Detects executables referencing many IR and analysis tools
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2