Overview

overview

10

Static

static

10

nexus-valo...EY.exe

windows7-x64

7

nexus-valo...EY.exe

windows10-2004-x64

7

nexus-valo...TO.exe

windows7-x64

1

nexus-valo...TO.exe

windows10-2004-x64

1

nexus-valo...th.dll

windows7-x64

1

nexus-valo...th.dll

windows10-2004-x64

1

nexus-valo...tk.dll

windows7-x64

8

nexus-valo...tk.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    nexus-valo-checker-main.zip

  • Size

    41.7MB

  • MD5

    e1f9584d8cf103a2ca1c072a6c001c38

  • SHA1

    6e8a8cf33c133436095dd7efd20043206c9a6d9d

  • SHA256

    19546d9e6ed5ffee4518d758d28c822bd28a62f7ea31124c5a18e3c11c9d3aed

  • SHA512

    53e7dab8be09a433393ede0cbe44fe6fc7e22115f0ff7adc75a0d47596c82ffac0612757bdcb143ad56ca1f540081e19ded54fc994040e045825cb0dc5067845

  • SSDEEP

    786432:en/1rpMdow4jE48KlwRZm6M/JTo6CRGO3SB3i67HV47aT34i:G/1lMdowmE48+wRZVM/qGO3CiMV5

Score
10/10
pyinstallerempyrean

Malware Config

Signatures

  • Detects Empyrean stealer 1 IoCs
  • Empyrean family
    empyrean
  • Detects Pyinstaller 1 IoCs
    pyinstaller
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • nexus-valo-checker-main.zip
    .zip
  • nexus-valo-checker-main/AUTHKEY.exe
    .exe windows:5 windows x64 arch:x64

    1e92fd54d65284238a0e3b74b2715062


    Headers

    Imports

    Sections

  • main.pyc
  • nexus-valo-checker-main/Nexus_PTO.exe
    .exe windows:6 windows x64 arch:x64


    Headers

    Exports

    Sections

  • nexus-valo-checker-main/PTOAuth.dll
    .dll windows:6 windows x64 arch:x64

    4453de7a211a4e62586f684333e33f76


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • nexus-valo-checker-main/READ THIS !!.txt
  • nexus-valo-checker-main/README.md
  • nexus-valo-checker-main/config.json
  • nexus-valo-checker-main/stk.dll
    .dll windows:6 windows x64 arch:x64


    Headers

    Sections