General
-
Target
03e90fb4cf597e899563b5b998fcb606d5630ecb7542dffe6771dcb1b88e5d51
-
Size
210KB
-
Sample
230115-w5s7jaac86
-
MD5
c1421d6a836ddbcd0560462a005a7018
-
SHA1
d97043fadec45054729cb723bbea2b00db911e15
-
SHA256
03e90fb4cf597e899563b5b998fcb606d5630ecb7542dffe6771dcb1b88e5d51
-
SHA512
03306e092695be2d28978b8c983b023c934687859590eba8bd7f8e9280a2f69bcd769da2be36d6dbb371e22b14bc49e81f875d4782a894dc87055d7dca558664
-
SSDEEP
3072:KXW3PspHHs53YoYlffh0arn+oDR0CfFvjKk19cupSr9/i:qxSYoYjF+wxKk19vYr
Static task
static1
Behavioral task
behavioral1
Sample
03e90fb4cf597e899563b5b998fcb606d5630ecb7542dffe6771dcb1b88e5d51.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
lumma
77.73.134.68
Targets
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-