Overview

overview

3

Static

static

3

flux-setup.exe

windows7-x64

3

flux-setup.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

flux.exe

windows7-x64

1

flux.exe

windows10-2004-x64

1

runtime/fl...t.json

windows7-x64

3

runtime/fl...t.json

windows10-2004-x64

3

runtime/flux.psd

windows7-x64

3

runtime/flux.psd

windows10-2004-x64

3

runtime/flux.tre

windows7-x64

3

runtime/flux.tre

windows10-2004-x64

3

runtime/un...e.nsis

windows7-x64

3

runtime/un...e.nsis

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    flux-setup.exe

  • Size

    670KB

  • MD5

    ebf5b897e0e4b90143764fc39e0c5a21

  • SHA1

    244eb29a512f1cc980bcfdc3bda2c62e1954c6d7

  • SHA256

    b53390dba0e0c227341f3c688be3aef91455c4f926e6527af6ce1e4acf74a7b3

  • SHA512

    94eaf96b9bb79b78cba358eb8613ff31c10cc820e54fa5a53f7da5287da7e6cb8eb73a7a4503c8714745c6715c42066f033ef059defaf700843644ea53eb7133

  • SSDEEP

    12288:iy+D6QW+bxrvwL/4eJIGrqrggPFvg8FaFARFjMCoU41WHBUbIU82wuLpVGee6Jb5:L+mkbFU4eL9gPC84FGFjMCr4EHBUsUz5

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • flux-setup.exe
    .exe windows:4 windows x86 arch:x86

    b76363e9cb88bf9390860da8e50999d2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ShellExecAsUser.dll
    .dll windows:4 windows x86 arch:x86

    fb89301642ac2a39aefdd3cc2610ed81


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:5 windows x86 arch:x86

    a49b0342971aa199fc6349725b90146d


    Headers

    Imports

    Exports

    Sections

  • flux.exe
    .exe windows:5 windows x86 arch:x86

    51ee72c638ee0200ff8b37fb1213b605


    Code Sign

    Headers

    Imports

    Sections

  • runtime/flux.preset.json
  • runtime/flux.psd
  • runtime/flux.tre
  • runtime/uninstall.exe.nsis