General

  • Target

    2024-04-26_2696a373b015b79ec0ba62077a4cabe6_elex_lightbolt_mafia_skypams

  • Size

    16.8MB

  • MD5

    2696a373b015b79ec0ba62077a4cabe6

  • SHA1

    34d8eb5774b3d3af8be8e1c1e7e353aff78967ef

  • SHA256

    394ad860cbc9d532803049e2c72abf62ddc613d681c0440b156291c6b5c4e6b5

  • SHA512

    9aaa7cc100d721dde2b137a81efdfbde69faf6df384922e31ad2b526495dd16cb5ce57a9f930b363432e02e76b0b6f41945d298722e6923a7bcde0a67c927cf2

  • SSDEEP

    196608:sKx4vtup77rruuPwJrEvB8H42LYy/19kjJITyOy/19J:sKx4vFu4rE58H48LbeVL

Score
10/10

Malware Config

Signatures

  • Detects executables containing URLs to raw contents of a Github gist 1 IoCs
  • Detects executables containing possible sandbox analysis VM usernames 1 IoCs
  • Detects executables packed with ConfuserEx Custom; outside of GIT 1 IoCs
  • Detects executables packed with or use KoiVM 1 IoCs
  • Detects executables referencing many IR and analysis tools 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-04-26_2696a373b015b79ec0ba62077a4cabe6_elex_lightbolt_mafia_skypams.exe
    windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
