Overview

overview

7

Static

static

7

Luxury Shi...er.vbs

windows7-x64

1

Luxury Shi...er.vbs

windows10-2004-x64

1

Luxury Shi...UI.dll

windows7-x64

1

Luxury Shi...UI.dll

windows10-2004-x64

1

Luxury Shi...I2.dll

windows7-x64

1

Luxury Shi...I2.dll

windows10-2004-x64

1

Luxury Shi...ge.exe

windows7-x64

1

Luxury Shi...ge.exe

windows10-2004-x64

1

Luxury Shi...ld.exe

windows7-x64

7

Luxury Shi...ld.exe

windows10-2004-x64

7

Luxury Shi...on.dll

windows7-x64

1

Luxury Shi...on.dll

windows10-2004-x64

1

Luxury Shi...on.dll

windows7-x64

1

Luxury Shi...on.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Luxury_Shield.rar

  • Size

    7.8MB

  • MD5

    c2339f6523d32a105e681525a7eefbb6

  • SHA1

    35591997c8454c104c226f7e71ee3d940a8828fe

  • SHA256

    f97034b507b27905197c61afbfd9d8b1868d07b9558fb13af6a08ad79b37ed26

  • SHA512

    2cc9c9e56fcdad7c3ca99f27ed649d1630214c03305569dca17f8e48f4218dcbb1c8383e9c7b7e96b2cc3c453cb8cacd8ed6f7decdae018b61bcc1467007f87b

  • SSDEEP

    196608:DDUBRihgCi5GDokLtvobPTUXjNxpqTM6eiSvg3Xps:DBViEckLx8TUnpqTMkGgHm

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Luxury_Shield.rar
    .rar
  • Luxury Shield/FontsInstaller.xml
    .vbs .xml polyglot
  • Luxury Shield/Guna.UI.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Luxury Shield/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Luxury Shield/ILMerge.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Luxury Shield/Luxury Shield.exe
    .exe windows:5 windows x86 arch:x86

    bf5a4aa99e5b160f8521cadd6bfe73b8


    Headers

    Imports

    Sections

  • Luxury Shield/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Luxury Shield/System.Web.Optimization.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections