General
Target: 482f9a21893127c2bf7477236533dc2db007ad1eb1fe6cc9ae7135bc71742abd
Size: 207KB
Sample: 230115-rys6qsga48
MD5: 3a61ec110bb167c8e3a0cac282c1d3e7
SHA1: 888b06642f643b8b36c5db2b4cda28a17f6affaa
SHA256: 482f9a21893127c2bf7477236533dc2db007ad1eb1fe6cc9ae7135bc71742abd
SHA512: 5176bb10cf36e018689f030514cf7180a5ca74c8b63ed12037896813ea4267987f062c825c68d0b0b11aa6e3702ab627c528bf34292f0d19d3a5b572c93bd679
SSDEEP: 3072:XXtTlv1Y3V7I50QVzPRSRC1VvTdnUx3cOfg6o5W/i:Hj12uVOGvTNUxmI
Static task
static1
Malware Config
Extracted
lumma
77.73.134.68
Targets
Detects Smokeloader packer
Downloads MZ/PE file
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting