de4f9c0ff0479791be0aed7ac523f5464dc7757b6dc9e15b41bc5e1b37ffec3d | Triage

Sharing

General

Target

Fluxus.exe
Size

87.4MB
Sample

240525-jg3d3sag2x
MD5

9072472a494fa21667500f5205e87931
SHA1

06e4b5c8cda6fbdcb6a50668d3fe2aa687c41c33
SHA256

de4f9c0ff0479791be0aed7ac523f5464dc7757b6dc9e15b41bc5e1b37ffec3d
SHA512

adfd493b43a39b6ad1af6a0bc1af532176ccb626b2007b8284e49fca36db14c5668b14aa871b6885e9c2e17991be24bad909fbdb41ebc048c37defcdd7631afa
SSDEEP

1572864:WG5HYBiMFacAtjsmjLASovu3NI/q17EATkPZOQNe6xiQyB+w7TYDlnOqUU:xYBlFaz1w7G3O/pPPAQNe6xiQyhHOln5

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Fluxus.exe
- Size
  
  87.4MB
- MD5
  
  9072472a494fa21667500f5205e87931
- SHA1
  
  06e4b5c8cda6fbdcb6a50668d3fe2aa687c41c33
- SHA256
  
  de4f9c0ff0479791be0aed7ac523f5464dc7757b6dc9e15b41bc5e1b37ffec3d
- SHA512
  
  adfd493b43a39b6ad1af6a0bc1af532176ccb626b2007b8284e49fca36db14c5668b14aa871b6885e9c2e17991be24bad909fbdb41ebc048c37defcdd7631afa
- SSDEEP
  
  1572864:WG5HYBiMFacAtjsmjLASovu3NI/q17EATkPZOQNe6xiQyB+w7TYDlnOqUU:xYBlFaz1w7G3O/pPPAQNe6xiQyhHOln5
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1