General

  • Target

    Mayt-VixenPERMWOOF.zip

  • Size

    4.6MB

  • MD5

    a8c5cb235ca1a98af16727760389bdd5

  • SHA1

    0c33fc393fa89bec352819ea2974e54539eb476e

  • SHA256

    18c387ce8bd4d792e60f33021cda0a940f3ec88e3db33a22c7d8b4695434d0a3

  • SHA512

    f51d015c8e7b2dd288abcdc367bebea20e24bf69df3153e903b2a8b5f2e42993cbb76dc24290ee36828f6ab79b628accc095f89acffc4e76b70c503e18b667b8

  • SSDEEP

    98304:g283Bzpuf/N/eeWcdLJ8W8TxZjFXikiu4L9ohKA0DOWcE8hr9:gP3JpSl5LJ8hTiBKhKA0gE8hr9

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Mayt-VixenPERMWOOF.zip
    .zip
  • UTIL/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    363922cc73591e60f2af113182414230



  • UTIL/conspiracy.exe
    .exe windows:6 windows x64 arch:x64

    0fc5c1d21aadbda444db1620a3f6dbff



  • spoof perm.bat
    .bat .vbs