Overview
overview
10Static
static
3NeverLose.zip
windows7-x64
1NeverLose.zip
windows10-2004-x64
1Neverlose....!!.txt
windows7-x64
1Neverlose....!!.txt
windows10-2004-x64
1Neverlose....se.exe
windows7-x64
3Neverlose....se.exe
windows10-2004-x64
10Neverlose....it.cfg
windows7-x64
3Neverlose....it.cfg
windows10-2004-x64
3Neverlose....ge.cfg
windows7-x64
3Neverlose....ge.cfg
windows10-2004-x64
3Neverlose....ad.dll
windows7-x64
1Neverlose....ad.dll
windows10-2004-x64
1Neverlose....Ru.rtf
windows7-x64
4Neverlose....Ru.rtf
windows10-2004-x64
1General
-
Target
NeverLose.zip
-
Size
619KB
-
Sample
240524-lrj2lada45
-
MD5
c9d95e20a75db79ec89f817de03d4684
-
SHA1
8a16dee137cc994a7a8e607889a7adece8d97965
-
SHA256
ea439153b48afc4eebee25faa7ce28562246530a7c80905362e3f614410297b5
-
SHA512
22bd0bcf51fe04d751e5091b697eac57ea69a9353cd47c080f9506ebb2dbd29b9d1f57015d3bfbfc64cb75b13f7f53f9d8351c2e0c1d1ec0e351fcf8cff26729
-
SSDEEP
12288:8LdnM0YYXoeQ0ubFWwLGP1LArVbQobmyyFL3vS42NHVTuNTypY3:ImS4eQ3b+9LiQo6d3b23I
Static task
static1
Behavioral task
behavioral1
Sample
NeverLose.zip
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
NeverLose.zip
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
Neverlose.cc/Guide READ ME!!!!.txt
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
Neverlose.cc/Guide READ ME!!!!.txt
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
Neverlose.cc/NeverLose.exe
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Neverlose.cc/NeverLose.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Neverlose.cc/cfg/Legit.cfg
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
Neverlose.cc/cfg/Legit.cfg
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
Neverlose.cc/cfg/Rage.cfg
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
Neverlose.cc/cfg/Rage.cfg
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
Neverlose.cc/dll/Load.dll
Resource
win7-20240419-en
Behavioral task
behavioral12
Sample
Neverlose.cc/dll/Load.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
Neverlose.cc/languages/Ru.rtf
Resource
win7-20240508-en
Behavioral task
behavioral14
Sample
Neverlose.cc/languages/Ru.rtf
Resource
win10v2004-20240508-en
Malware Config
Extracted
lumma
https://productivelookewr.shop/api
https://tolerateilusidjukl.shop/api
https://shatterbreathepsw.shop/api
https://shortsvelventysjo.shop/api
https://incredibleextedwj.shop/api
https://alcojoldwograpciw.shop/api
https://liabilitynighstjsko.shop/api
https://demonstationfukewko.shop/api
Targets
-
-
Target
NeverLose.zip
-
Size
619KB
-
MD5
c9d95e20a75db79ec89f817de03d4684
-
SHA1
8a16dee137cc994a7a8e607889a7adece8d97965
-
SHA256
ea439153b48afc4eebee25faa7ce28562246530a7c80905362e3f614410297b5
-
SHA512
22bd0bcf51fe04d751e5091b697eac57ea69a9353cd47c080f9506ebb2dbd29b9d1f57015d3bfbfc64cb75b13f7f53f9d8351c2e0c1d1ec0e351fcf8cff26729
-
SSDEEP
12288:8LdnM0YYXoeQ0ubFWwLGP1LArVbQobmyyFL3vS42NHVTuNTypY3:ImS4eQ3b+9LiQo6d3b23I
Score1/10 -
-
-
Target
Neverlose.cc/Guide READ ME!!!!.txt
-
Size
725B
-
MD5
ed935b63cf35d3169480bdc4bcc5d0a9
-
SHA1
9a89f642a8a5251cf591be9dca7d308b554b8d4a
-
SHA256
adbc26c193fba2cbd6926fcf7005e15df8e25713262b2a0e83eea6200b4939f5
-
SHA512
9a24f6baae67e2c2543cb4beb4fb281a210d04c8a706d7b964f3bb57e232ce56df0f03561c8af97075f301ec1a42f38df821b181673a71ae5c72297400d62310
Score1/10 -
-
-
Target
Neverlose.cc/NeverLose.exe
-
Size
1.2MB
-
MD5
bb5a7414d8e9eed4ae56984ea9e5d326
-
SHA1
44b72cdccdf5c4a685ba6f13baa1ed8999286cd4
-
SHA256
0b5aaa2bbba71e9c37da4e3819a6a878955e0acc8bc199b247a586283e13b9f2
-
SHA512
010b10795950d939e446244828fb56e1bd0cc4dc714733cfcdf1b09a946dacf75708ae9456ced2d6e3eb5e7bf3b062afdd738a7abbcfe2b49212bb1eee199ad1
-
SSDEEP
24576:WDmJmqp/bF9xRL+Ab3zYaiYpUjNRgVztW:WKXF9xRL+Au5NmZ
-
Suspicious use of SetThreadContext
-
-
-
Target
Neverlose.cc/cfg/Legit.cfg
-
Size
1.2MB
-
MD5
a3d382d5772e74b3ac1e462a031726bf
-
SHA1
150fbb13b5d02778a9b1398cc6930241e0d47d8e
-
SHA256
c7f7deda40d02d97050f1d8eeabeb8f4a6bbb0ac2a8641f70f47b10780b2595c
-
SHA512
911204bcb99bbab4c14e02ad507d9799a643633842b7db70f629547bab72dd85108c3045aa8307efc4a0bb509710536d6f8ef4137df1f9250dbf6623d2323b89
-
SSDEEP
24:/bbbbbbbbbbbbbbbbbbbbbbe8Xbbbbbbb8Xbbbbbbbbb8XobbbbbbgX8XbUbbbbT:h
Score3/10 -
-
-
Target
Neverlose.cc/cfg/Rage.cfg
-
Size
1.1MB
-
MD5
c70b6abc677252c7a783e9eb18692f79
-
SHA1
bf6dba2ad311f0691be7977fc736978ec79e8334
-
SHA256
bd723f290961acba9bb926e82574b0c2425fe35cdbb14e5116b8403714ea5b6e
-
SHA512
25327ebcb5f2aba1f9ce2583588bd72950525436d0f34b32c1cc69d207c505ba22bf95b28e3cf2ca0bbd41fd8beee93f4372cd4f1f37ce243ffe8d1dd853380e
-
SSDEEP
48:LYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYT:P
Score3/10 -
-
-
Target
Neverlose.cc/dll/Load.dll
-
Size
1.2MB
-
MD5
d419ed219a91886531de9606899d3472
-
SHA1
58e0d349c21fc7747d4b60248ae1a284b58eb80e
-
SHA256
238545d28441056e04a70dea2cb50e58f60ba974a69853406a57ca3f8c904561
-
SHA512
a4174a050987a2500c95dd7644a2e1e64f20acf276fae49365f779055ecd5a325881308eb700b2da4169c1a6dbecad6715a43affbf4066b21978104d3a1d18dc
-
SSDEEP
24:/bbbbbbbbbbbbbbbbbbbbbbe8Xbbbbbbb8Xbbbbbbbbb8XobbbbbbgX8XbUbbbbF:X
Score1/10 -
-
-
Target
Neverlose.cc/languages/Ru.rtf
-
Size
7B
-
MD5
8274425de767b30b2fff1124ab54abb5
-
SHA1
2201589aa3ed709b3665e4ff979e10c6ad5137fc
-
SHA256
0d6afb7e939f0936f40afdc759b5a354ea5427ec250a47e7b904ab1ea800a01d
-
SHA512
16f1647b22ca8679352e232c7dcbcdcba224c9b045c70e572bf061b2996f251cbd65a152557409f17be9417b23460adebe5de08d2dea30d13a64e22f6607206b
Score4/10 -