General

Target: MEXIS-BETA1.5.rar
Size: 8.9MB
Sample: 240707-d6re8asgkp
MD5: dc1ef8a006b8729112c19e7a60fd78e5
SHA1: a404a8f2c16a2b3e2e3b743eaf5672119062ab5e
SHA256: f0bfd5bfc3e9d83e26445d8b370be79bc0efd31b086a76a4c9496f69a186f538
SHA512: 498172929a094ba6995194308e4daa1e4b4654f4f066ec6304e3b36c61649cc3fd1d1726a68ebbeebacfe3b47dd3a8bef447267c38825229697d75fcc56a399b
SSDEEP: 196608:pP+ILWArnKy1bVM18LZYp8g1AFbCLFJdE9duvqUvjQtRu9Rqo:1+ILfnKyJVMQKKCD6XujTn
Behavioral tasks

- behavioral1
  Sample: MEXIS-BETA1.5.rar
  Resource: win7-20240704-en
- behavioral2
  Sample: MEXIS-BETA1.5.rar
  Resource: win10v2004-20240704-en
- behavioral3
  Sample: LunarBETA1.5/LunarBETA1.5/release.exe
  Resource: win7-20240705-en

Malware Config
Targets

Target: MEXIS-BETA1.5.rar
Size: 8.9MB
MD5: dc1ef8a006b8729112c19e7a60fd78e5
SHA1: a404a8f2c16a2b3e2e3b743eaf5672119062ab5e
SHA256: f0bfd5bfc3e9d83e26445d8b370be79bc0efd31b086a76a4c9496f69a186f538
SHA512: 498172929a094ba6995194308e4daa1e4b4654f4f066ec6304e3b36c61649cc3fd1d1726a68ebbeebacfe3b47dd3a8bef447267c38825229697d75fcc56a399b
SSDEEP: 196608:pP+ILWArnKy1bVM18LZYp8g1AFbCLFJdE9duvqUvjQtRu9Rqo:1+ILfnKyJVMQKKCD6XujTn
Score: 3/10

Target: LunarBETA1.5/LunarBETA1.5/release.exe
Size: 5.9MB
MD5: aa88a436350a9608d7a16a3e9924cbf2
SHA1: 78b61c04d5693d7f020511a343e76c86e1d1de23
SHA256: 23ae789d9169bf3c03aa4f4d74170cd64bd5c102976b2080034fb1b126790dd8
SHA512: e345882eb1d354a5076b51cbb0890293286e8d4feba3b289f76e050b774db774c6bdec81bdb19ab10292084cd6493f1fed6965a50cd99c943bc41896bb8ec982
SSDEEP: 98304:ErXOmoDUN43WladjOjFgFEblNHYSxTpirSHcUR43zrwkdA8QJCKC7bN3mb6aZnMw:ErXOumWMOjmFwDRxtYSHdK34kdai7bNs

- Drops file in Drivers directory
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.