General

  • Target

    x222KL.zip

  • Size

    18.0MB

  • MD5

    5da38b5641f3141928ddf93162af6ab6

  • SHA1

    e3f1e2e40fe43a3d076b88d02d58d7136be408c2

  • SHA256

    46589049926709a68d2e564342b82357db9ebac0851f561242e3493fb9c77a78

  • SHA512

    babe2ee8e69542b0e51eb4786d3e4f4a01b5578aaadf8250aff81848aa676d18874e27911862495ab67426f871fc977b7f0e34a81f49962dc6a6eb3320be2d9f

  • SSDEEP

    393216:oq18xkvH+SEkhEoU4ZsiqUVt2oI4NOVrQMjyZsxoN:oGovHolSi7Vt2FVc6xI

Score
3/10

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • x222KL.zip
    .zip

    Password: x222ishere

  • Leak30.04.2024.zip
    .zip

    Password: x222ishere

  • Leak30.04.2024/Bloxstrap-v2.5.4.exe
    .exe windows:6 windows x64 arch:x64

    Password: x222ishere

    6dbf27f4c70fe2c8ed3e0122ba75d641


  • Leak30.04.2024/Lycoris.exe
    .exe windows:4 windows x86 arch:x86

    Password: x222ishere


  • Leak30.04.2024/README.txt
  • Leak30.04.2024/bin/FastColoredTextBox.dll
    .dll windows:4 windows x86 arch:x86

    Password: x222ishere

    dae02f32a21e03ce65412f6e56942daa


  • Leak30.04.2024/bin/Microsoft.Expression.Interactions.dll
    .dll windows:4 windows x86 arch:x86

    Password: x222ishere

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

  • Leak30.04.2024/bin/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    Password: x222ishere

    dae02f32a21e03ce65412f6e56942daa


  • Leak30.04.2024/bin/Siticone.UI.dll
    .dll windows:4 windows x86 arch:x86

    Password: x222ishere

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

  • Leak30.04.2024/bin/System.ValueTuple.dll
    .dll windows:4 windows x86 arch:x86

    Password: x222ishere

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

  • Leak30.04.2024/bin/System.Windows.Interactivity.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

  • Leak30.04.2024/bin/WPFSpark.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Leak30.04.2024/bin/crosshair/crosshair.png
    .png
  • Leak30.04.2024/bin/lua.xshd
    .xml
  • Leak30.04.2024/configs/CUSTOMAP.txt
  • Leak30.04.2024/configs/Settings.txt
  • Leak30.04.2024/configs/teroll_HVH.txt
  • Leak30.04.2024/detector/moddetect.txt