General
Target: file.exe
Size: 210KB
Sample: 230116-es3rrsha76
MD5: cf63f83bf1b8fb15c0bfc835b120b4e1
SHA1: 31e0b9e7c195c51d6885d09e12e7305dc6c6bc95
SHA256: ba7571c10be3bf276f9ac556be34fb049b43f63d8558cb29bc9471e56319d7c1
SHA512: 126434603f57e5f507a0b55076cba2927275739be717c18ed8bff37474c372819417f33bc253619216f5691cfa830879c60aafb5d8607332306a87540e6f6fda
SSDEEP: 3072:RMXWoVyAIJd5pL+3S3FTL5n+2tSJlHHgGIxcei:RIEBryi3FP99QnMe
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
lumma
77.73.134.68
Targets
Target: file.exe
Detects Smokeloader packer
Downloads MZ/PE file
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting