Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 06:39

General

  • Target

    Lithium-Nuker-V2-main/Lithium Nuker V2.exe

  • Size

    18.2MB

  • MD5

    59532c79ededb7008c69016fde693f0b

  • SHA1

    0eb0141237e3772adbae53655cefc01d0e8b7c0f

  • SHA256

    ae57fb7f1fbb32ce8265575d1ed01f2e5d26c92664ed255511e66478cfe2848c

  • SHA512

    f6c309602a5dd0c993678487d1b1a99b976ede79563605e4e63dd4a04551098cf64557cf3515c362730a8a647f27021aab189f57b5c5afa52564c64dadf7eaf3

  • SSDEEP

    393216:7hjsQtspjQETS/vJQ7L8AbVykTTA7X31uk:JsQtsdQEW/hQXpsSCl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Lithium-Nuker-V2-main\Lithium Nuker V2.exe
    "C:\Users\Admin\AppData\Local\Temp\Lithium-Nuker-V2-main\Lithium Nuker V2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Users\Admin\AppData\Local\Temp\Lithium-Nuker-V2-main\Lithium Nuker V2.exe
      "C:\Users\Admin\AppData\Local\Temp\Lithium-Nuker-V2-main\Lithium Nuker V2.exe"
      2⤵
      • Loads dropped DLL
      PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20962\python311.dll

    Filesize

    5.5MB

    MD5

    5a5dd7cad8028097842b0afef45bfbcf

    SHA1

    e247a2e460687c607253949c52ae2801ff35dc4a

    SHA256

    a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

    SHA512

    e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858