General
-
Target
e23f4ad89ec5f09cfc475f14349bcc6aeaa73f3aaa231db43d4cb6650fb2462d
-
Size
180KB
-
Sample
230116-h4hgrabc43
-
MD5
6aa8662213d40177d8d2900061f69cee
-
SHA1
14ada42f9c6255d6b0349ff539f7c46c93eb3d20
-
SHA256
49ac8e4a898376ce13712dcad6434497543edf035e8e371424b1d0a009a9a3f7
-
SHA512
be3d2f0fad922131e65d74c1a499c29e8b3739614fb7369e5e58ec915a5f05d8c34d716e573ddf293ac132d70fdcd3be3c73e22752904729887ccd257b97845a
-
SSDEEP
3072:mQ9bFojMumQ3UotRzAO1MtdJarkmHQycQy7ha6kisV89/7bTKS4O8tGpJtiHzfan:m02iQ3UobCtdJahHQ2sY6ku/GS3rpSzi
Static task
static1
Behavioral task
behavioral1
Sample
e23f4ad89ec5f09cfc475f14349bcc6aeaa73f3aaa231db43d4cb6650fb2462d.exe
Resource
win7-20220901-en
Malware Config
Extracted
lumma
77.73.134.68
Targets
-
Target
e23f4ad89ec5f09cfc475f14349bcc6aeaa73f3aaa231db43d4cb6650fb2462d
-
Size
257KB
-
MD5
6d39a370d5b7ed1cd987b61adc89f25d
-
SHA1
0484fb54f0eb45a4c2fc4e3fa9e647353024f482
-
SHA256
e23f4ad89ec5f09cfc475f14349bcc6aeaa73f3aaa231db43d4cb6650fb2462d
-
SHA512
f6fc10e8b6c848afb2bf5ac38ebfb95416f75316ce12a12977aca108cb8101c3f6bfaa5f3ff90a86e9fa62c84c3d3ee729aeff66a4847863e05b55fb4b92c788
-
SSDEEP
6144:ILfHALaKffiAxSYBuAwoQ2sY6nlc/SU4zqQna:ILfgWKf6A4YBftQtY6lGSFP
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-