56a83ce8c2f3936b808d4be0e588104d0ddab51cadbbfbee3fefd44a9eb8bd9f | Triage

Sharing

General

Target

Fluxus.zip
Size

437KB
Sample

240805-rlwq4aycjp
MD5

5ac04e48ee22078b63ea5db078758f10
SHA1

00f1df8d55021d8f860b54f737689493346178a1
SHA256

56a83ce8c2f3936b808d4be0e588104d0ddab51cadbbfbee3fefd44a9eb8bd9f
SHA512

16b8541fda73190d03ec219c81fa963fd870430dacb3aa23ee9439e62443c1565da876816f5cc2bac0fd554822fec9a68304cf74ba1ee66f16519647bebba816
SSDEEP

6144:m/6DLe6398LCOUgFtiqIOLxitBanEBakf+FB+0AkRfQ1o8BV43HpsXkoQjujBHUo:mC/Z98L+QIOLYBaEft0bK1DVyQkx02j+

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  Launcher.bat
- Size
  
  398B
- MD5
  
  d5052c508e0fc15c63f5db6582cababd
- SHA1
  
  cb1e45109ae355ef9b0ca93d7e4e1d30f7a80348
- SHA256
  
  49f4b03f1ac32c1fb46c6f190120d43a97c2fb872306ec1d628b4ca0ef7a8b97
- SHA512
  
  098c26a1d171fbb38849a0e54b51147779f2fcf7a18ba11320b38ba654e2c19531e5ad683cf0988ad964139af296c9c7915b4e34953e96762c1d0bb603a16087
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  compiler.exe
- Size
  
  203KB
- MD5
  
  aa8aacab39f0d8e5d734a55d9a60167e
- SHA1
  
  15c48d107a31cd66a429e8fead72eb859ca681f3
- SHA256
  
  b9e2e82ffbf5edf8d5916f300de657963c9f10cb336beefee6f97551eee4488b
- SHA512
  
  e427e9a8248f1e0e85289ce9c3e374772f3207d354775b2a63774ec8a5cef064791ad90c58e86e2375c662bf778041bee04140d8cf1177d7c89d948edce8c53c
- SSDEEP
  
  3072:dnvavn6z2TMRXs0I0ziBev6pQBeXEmZQCJeoH6ctzJQel5axhtvbOEUgnuBKn7+8:dva5TMRXs0IKiBDbZt4Ggn77+ez348
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral3 behavioral4
- Target
  
  config
- Size
  
  298KB
- MD5
  
  4ad602c68eb3aa4c84c73834e653605f
- SHA1
  
  3afe93611642a34da843e91db323fbec18ac7887
- SHA256
  
  aa2ac19e959beca447e34da002cc63149c208d8427bb8631344ea069f4bbccba
- SHA512
  
  9cbb57a762f924768a1ff05cec2f0a05e4c4b6d145a51bec8246bae4f9de382f95809cc71bb6a0592ee97172cf020bdecf00d6997ff4f0242a8ad6458ae7f2d5
- SSDEEP
  
  3072:CpLKAVn5IsbBoSACROtFD/2GWJmv+yO9CE/eLxb0plHg2Qe7IXh2h:C8AHBoLCUjJWMO0E/et0pF5IXu
Score

1^/10
behavioral5 behavioral6
- Target
  
  lua51.dll
- Size
  
  389KB
- MD5
  
  798ed1dd8c6bf4bbd58f1646216c490e
- SHA1
  
  43875064eff7dc103707a323ebe8c755dbbf5552
- SHA256
  
  78542e56257d0e334d134860ae2f88c84e8c4a27653ef4bf217161ac60f30d73
- SHA512
  
  ca1ae45f8c4fe8d3b3df154581e93b54f8366efab988e864282f6e8b74a8f3c1f46a696882422a233a43f06f9941604f6037d7ccd44888eb3db919e43b69d57e
- SSDEEP
  
  12288:viZ+ox9piQ8G27pC6Yyu5t60O0MJuAghAuNwABf:ve19pm7pCuCt6+w
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8