General
-
Target
0ce027e31427cff81bcbe28cd67c5d7c1478beea194829e4266fcc4d3ed6c5f1
-
Size
206KB
-
Sample
230115-nxdswaec38
-
MD5
a375317afc25dee89efc84c83a29f1ce
-
SHA1
6443bee1e629e9e3803c376a261a9399418f57bd
-
SHA256
0ce027e31427cff81bcbe28cd67c5d7c1478beea194829e4266fcc4d3ed6c5f1
-
SHA512
1ac036d91bdabd8e200f4f77dbbafe250c0b11c208c2833a1ecd6a8d2eae92b0183dfdf6fa142a9a2712ee7ba02c6446cfff32b694856033d17d67e387136d43
-
SSDEEP
3072:sXtnvcyAupAu5X+YLmxujtZtKQnoICqGsj5vU1Uvri:oGmpW6mxOztKqLj5vJv
Static task
static1
Behavioral task
behavioral1
Sample
0ce027e31427cff81bcbe28cd67c5d7c1478beea194829e4266fcc4d3ed6c5f1.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
lumma
77.73.134.68
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-