General

  • Target

    89c44579b4a5c635d0be5cff6729fecf.bin

  • Size

    8.5MB

  • MD5

    89c44579b4a5c635d0be5cff6729fecf

  • SHA1

    c31640ad4ecee712cd68212c1b9acc1224671710

  • SHA256

    3179f14d4ee6ade9db5a23c027889140028cfdf272a7f145e9563087b19bcb54

  • SHA512

    91d21b340dbd6a44481a086b6fe3f70ab081d029a1ecc0cf033dd4540c6c1ac9f4ba7c102a0badf44e0007c4e542f56dc884deda16a5f571883750ff14e3d266

  • SSDEEP

    196608:30AMs79dyHuSdYxUBnl4lF9dvgV/XTcI+y9byjBR6ayPiN8zPw4D:3V98Hh7Bn6LoRT7F+6LPjwu

Score
3/10

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 89c44579b4a5c635d0be5cff6729fecf.bin
    .zip

    Password: infected

  • Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • Nyx.exe
    .exe windows:4 windows x64 arch:x64

  • libcurl.dll
    .dll windows:6 windows x64 arch:x64

    14248874c6f626cc676f0d1638a85bc6


  • monaco/Monaco.html
    .js
  • monaco/NYXscriptdoc.html
  • monaco/vs/base/worker/workerMain.js
    .js
  • monaco/vs/basic-languages/lua/lua.js
  • monaco/vs/editor/contrib/suggest/media/String_16x.svg
  • monaco/vs/editor/contrib/suggest/media/String_inverse_16x.svg
  • monaco/vs/editor/editor.main.css
  • monaco/vs/editor/editor.main.js
    .js
  • monaco/vs/editor/editor.main.nls.de.js
  • monaco/vs/editor/editor.main.nls.es.js
  • monaco/vs/editor/editor.main.nls.fr.js
  • monaco/vs/editor/editor.main.nls.it.js
  • monaco/vs/editor/editor.main.nls.ja.js
  • monaco/vs/editor/editor.main.nls.js
  • monaco/vs/editor/editor.main.nls.ko.js
  • monaco/vs/editor/editor.main.nls.ru.js
  • monaco/vs/editor/editor.main.nls.zh-cn.js
  • monaco/vs/editor/editor.main.nls.zh-tw.js
  • monaco/vs/editor/standalone/browser/quickOpen/symbol-sprite.svg
  • monaco/vs/loader.js
    .js
  • nyxplayerbeta.exe
    .exe windows:6 windows x64 arch:x64

    24a13c5044ea9a272838544b5e171149


  • nyxserverhandler.dll
    .dll windows:4 windows x64 arch:x64

  • scripts/Infinite yield.lua
    .js
  • scripts/betascript.lua
    .js
  • workspace/.tests/appendfile.txt
  • workspace/.tests/delfile.txt
  • workspace/.tests/isfile.txt
  • workspace/.tests/listfiles/test_1.txt
  • workspace/.tests/readfile.txt
  • workspace/.tests/writefile.txt
  • workspace/IY_FE.iy
  • zlib1.dll
    .dll windows:6 windows x64 arch:x64

    d879d2294039900ef484e0f01607f882

