98d1e9e65b5c404ffb034df779b0b676b205a9bb97074f3149078894c2b1c205 | Triage

Sharing

General

Target

Lithium-Nuker-V2-main.zip
Size

17.9MB
Sample

240523-he25vsge62
MD5

e39509ecfb30705abe7d7f3b76bc3422
SHA1

684ca977756e326319eaec224eff059b166ca8aa
SHA256

98d1e9e65b5c404ffb034df779b0b676b205a9bb97074f3149078894c2b1c205
SHA512

dbb8c535bb68e3f65a1f61d452ecfcac7c1bc89c2219b9498d5c947888528bf7c74f97c15bc194f762923a706e8da2081c3996495a16233b48fff05d8c992356
SSDEEP

196608:rnTrBfs7iYmyE8yNjPt86GAustWEfIv2dGadV0r5W1Se29UD4QXhfD82nYV7HhUf:rnTL8ijKAtW/axQUD4QVYtomNxfIAi

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Lithium-Nuker-V2-main.zip
- Size
  
  17.9MB
- MD5
  
  e39509ecfb30705abe7d7f3b76bc3422
- SHA1
  
  684ca977756e326319eaec224eff059b166ca8aa
- SHA256
  
  98d1e9e65b5c404ffb034df779b0b676b205a9bb97074f3149078894c2b1c205
- SHA512
  
  dbb8c535bb68e3f65a1f61d452ecfcac7c1bc89c2219b9498d5c947888528bf7c74f97c15bc194f762923a706e8da2081c3996495a16233b48fff05d8c992356
- SSDEEP
  
  196608:rnTrBfs7iYmyE8yNjPt86GAustWEfIv2dGadV0r5W1Se29UD4QXhfD82nYV7HhUf:rnTL8ijKAtW/axQUD4QVYtomNxfIAi
Score

1^/10
behavioral1 behavioral2
- Target
  
  Lithium-Nuker-V2-main/Lithium Nuker V2.exe
- Size
  
  18.2MB
- MD5
  
  59532c79ededb7008c69016fde693f0b
- SHA1
  
  0eb0141237e3772adbae53655cefc01d0e8b7c0f
- SHA256
  
  ae57fb7f1fbb32ce8265575d1ed01f2e5d26c92664ed255511e66478cfe2848c
- SHA512
  
  f6c309602a5dd0c993678487d1b1a99b976ede79563605e4e63dd4a04551098cf64557cf3515c362730a8a647f27021aab189f57b5c5afa52564c64dadf7eaf3
- SSDEEP
  
  393216:7hjsQtspjQETS/vJQ7L8AbVykTTA7X31uk:JsQtsdQEW/hQXpsSCl
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  log.pyc
- Size
  
  9KB
- MD5
  
  fc9c451b97415cc1df14311f65869440
- SHA1
  
  dbca1e2eeba5f1a10c9237130de6407274bbaa28
- SHA256
  
  a33d5b3f343bc047c2f9bd7f8b859dfe6618056b4eec273cf10bcc9d3134cb4b
- SHA512
  
  345ad52164031559129742547787b551a357afd589bcd7115220378c5ad0f4fbd0c1c86a45a296033d9f6b1c57f304452f00ac622e6c4b5d4a12bcc753439563
- SSDEEP
  
  192:imTZv/C1S3gfpT0gVdBeVyYoKRpmILplUEkmU635UQeY:nZqfp4gVmVyY7pblUEkmUsUA
Score

3^/10
behavioral5 behavioral6
- Target
  
  Lithium-Nuker-V2-main/README.md
- Size
  
  100B
- MD5
  
  fb18f6b70784d27134c9401ec201df12
- SHA1
  
  fe937f13eee611e5ad3daba578c56007f9598004
- SHA256
  
  0c34dd5ab9cc9d8a6b1e2b9d404afee445dbd1d22269c432018baae008cd9b1b
- SHA512
  
  9c337880407c7ddedf270efa8f2e73e1d360a85f1f0dacccbffea6c356385f48b8ebb4ad0b9cca1dc394b6a824084e50662c559b978c6e36d83ed2cbcba74eb7
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8