General

  • Target

    X48+Loader.rar

  • Size

    17.9MB

  • Sample

    240914-l33cbaybpj

  • MD5

    d3d96af91fef5706cf6c330f2bd0791d

  • SHA1

    4e3b84777f41e637030072b215b867da3ba1384a

  • SHA256

    45edcacda9ed6d8ddab5dd842983ffe0c089c53398fdff65a122bea9f2f72c28

  • SHA512

    12c665ce871405fbda8c06683e2747a34e29a66af117e6cb160ca5886a4d240b8f87c4323fc5e98f188ac29af7ca293b12dfc46b2208913ccc7f6c30a29b55e3

  • SSDEEP

    393216:Gz6B9KPuMXCqnMJgEmyobhxqrhszuGNCFVv4XjALPFr0ZQDcnR:GzQKG5qnM5myuXut2WREULPF+Q8

Score
5/10

Targets

    • Target

      X48 Loader/backends/vulkan/generate_spv.sh

    • Size

      254B

    • MD5

      a09d099e97faf2182cf8f37380f38437

    • SHA1

      9df03ad0145980bb29350970440eec4fd544fdde

    • SHA256

      c3abb9fe51a4c033003ddabfd97c79583c89675572225b2d7b615619b58ee798

    • SHA512

      f12ece36c97f82b1d36cea0ddb29fda90a7a4976acc62a3d3e837522a468d42b5d22902142259c670530041eb860c4cca35a6fef74eed69ffe2d38ff3815f5f1

    Score
    3/10

    • Target

      X48 Loader/examples/example_win32_directx11/Build/Browser Opera GX.exe

    • Size

      2.0MB

    • MD5

      6720ef3e87d3d0ccbeafd39e41be7513

    • SHA1

      1f90a321dfadc0f98c202b81863845274339eb7e

    • SHA256

      7c14ee40d54116fd02b69a83d8649f27523a89b7d5a6ff8b7a895a7c528b1915

    • SHA512

      4955065018c4430644500e131a8b022160e863eb03a487e484b9f1c02bc91c4fbd987bd0b3f5c4779e145ce719970161b27edbd303405ebee08384a1298c542b

    • SSDEEP

      24576:+GsIF58RhPe/7sXKpI0RONmd4ajQN4lDYsZnHmy3cnKxRWxR3jL6wZHqBm/3nHDk:+Gs1hGsAnj5lUqnGy9i0m/auXc

    Score
    1/10

    • Target

      X48 Loader/examples/example_win32_directx11/Release/vxlang/vxlang.exe

    • Size

      4.8MB

    • MD5

      88ed3d139eb7ae96ec10b3a06c3be6ea

    • SHA1

      c6de0474d982f6d12670f9cbc71f05420d023e9a

    • SHA256

      b8481fa65ca9bc716357a1fa0e23a930277d2e070b7b8aa1cd6d2e771ea467f5

    • SHA512

      0d69d07deb6fd0770fe5e718940a88609635fe31594c127e75d51a942061cfc2c3defb325b34c4f01aa150764694cdf2671967759402f9e49fd56fbee52716ec

    • SSDEEP

      98304:a72PUKPzu3MEVmpMMg9gmL+2Pp86gkLTDUU:jPUjMtEgmLM6gkvD3

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger
