1154b67fdd4c7948e515c6c33c02725f491b35b47c9d1d88e6a5e8ede962ca4f | Triage

Sharing

General

Target

LithiumNukerV2-main.zip
Size

712KB
Sample

241004-yf6sfaxcpg
MD5

19b4a0ce4914531266b820bd3b9d9674
SHA1

573602a62a1de3babfe3b4f9a9e85358d994389a
SHA256

1154b67fdd4c7948e515c6c33c02725f491b35b47c9d1d88e6a5e8ede962ca4f
SHA512

26416028fe89ba1543cd1c752945287483e38ebf19dd36060947162068ebb7740e478afa6caf945c77411082afac1f13e0c44c3f3cd5c4e75685d9c94bee468e
SSDEEP

12288:na51igC08TmK+PJjT2DPqP/MQHQiHPKFUSBzOZdfrXg+JwuKt/S/60z7:nY1i1TTmlPJvd/MQwiCFUjfw+Jwz/S/T

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  LithiumNukerV2-main/LithiumCore.dll
- Size
  
  41KB
- MD5
  
  80d79c50f5556276842a277c0796c052
- SHA1
  
  2df1f5c8c0c92926cc8e0c0e712c553953b3343c
- SHA256
  
  7910c9210f14d2345819a82cd8ac9df86f457c23b54cd2e6ac000fcfe8feaa32
- SHA512
  
  d4490729fce4eac9c8e44be160b1b81695b4cdb2fe3e4389f23d71dce146216b2c05e39ee2ec73070415054358502547def3937b75d65b5b2e2d7c4d4d80536b
- SSDEEP
  
  768:lK0bcPEN8fAJxw24Iyg/d3IP0gy0+3xTwTB0nEuJ3g:QycPEW6xw24IlV3IP0f0qxU0nEqw
Score

1^/10
behavioral1 behavioral2
- Target
  
  LithiumNukerV2-main/LithiumNukerV2.exe
- Size
  
  17KB
- MD5
  
  141296b8484e510e357fc620613fd4ba
- SHA1
  
  ad5dcb55883e74b53da1c6d94ce18b1788ba67a6
- SHA256
  
  0a918070f9cf821847b17df6c9d8858e1dd2da30a7d7121e06efe27eff740ad4
- SHA512
  
  dde9ef0c074ea607c7acf6d248f4b6980cb9e057ade6885d2c5091ebc71f7842dc113f813a4d5d54a7a0d6acbb2437cbd9684d1472872313d2c62f8794e42b2e
- SSDEEP
  
  192:zvrvG+/dLz9R3nLc8MGzSnCs3Hznvjd0p6oUYc84C3LZm94qt5fOrool:zzn/d08fSvXznvjd0/cu3L0flo
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4
- Target
  
  LithiumNukerV2-main/Newtonsoft.Json.dll
- Size
  
  685KB
- MD5
  
  081d9558bbb7adce142da153b2d5577a
- SHA1
  
  7d0ad03fbda1c24f883116b940717e596073ae96
- SHA256
  
  b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
- SHA512
  
  2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511
- SSDEEP
  
  12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3Q5:U8m657w6ZBLmkitKqBCjC0PDgM5A5
Score

1^/10
behavioral5 behavioral6
- Target
  
  LithiumNukerV2-main/Veylib.dll
- Size
  
  70KB
- MD5
  
  3552d418ce6394cdd9fc0fb06b883013
- SHA1
  
  52bbcb19cd100abbd261a4b4204dcec8c60e9646
- SHA256
  
  0a87fede388ea48d2f21452058a40982a46d1601f9f7c6b1080b983078a59742
- SHA512
  
  57d05e1f6c17efb54b5e5a8dc62b6a872b4fe7cb77c8f5f40a355a609b441cab615942961be006a7226486e41797669e309b34354d6d81d7a950a0459ab868ea
- SSDEEP
  
  1536:tpjlegbx3JZIOztGqiwuxf4Qo5AvK/bUyCaTS:7jldxztGqiXf4Q9C/bUyCaTS
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8