General
-
Target
9800208795.zip
-
Size
4.2MB
-
Sample
230329-ns91hsgb48
-
MD5
9bd220a2cd78e81231d692cdfefa7854
-
SHA1
8827634a3f486a291d95bc7e44f92c2801697662
-
SHA256
53d49f902b3077da8846e79d49b0b9cd780f781e76037dd23f77959c417a1fc9
-
SHA512
bcdf0062d3abcead139a0fb57382f16eae604fafba92d1cdb4adcc368c74666c5e4e7e33447dc8af35decc4784b21dfced407b6e46e5039920339929ba7b3c9b
-
SSDEEP
98304:c4Wg/430TzURJpHwQ3dwDs9LIoaDN3YAoi0MSU5qH/f:nW+T8Hr3myIoaWPMSWqX
Static task
static1
Behavioral task
behavioral1
Sample
2fc17c5966753c0b6fa31e15399fe8c7adf3f33785dfed3e9a7fae5c9040eaee.exe
Resource
win7-20230220-en
Malware Config
Extracted
lumma
82.118.23.50
Targets
-
Target
2fc17c5966753c0b6fa31e15399fe8c7adf3f33785dfed3e9a7fae5c9040eaee
-
Size
313.3MB
-
MD5
3f4533e8364f96b90d7fcb413fc8b57c
-
SHA1
cca3ec3606de5b4973e47ca10ad36742fb3e18ab
-
SHA256
2fc17c5966753c0b6fa31e15399fe8c7adf3f33785dfed3e9a7fae5c9040eaee
-
SHA512
2027d0d09c928420d8cb54af252cef18c2582c4c0602cf7b49322d82c175d4a8a9687e179b907dfb787028f6e00272f458b768c319510e3b963a41ee1f4ef4db
-
SSDEEP
98304:+cyNUURBkRBt1lHzdYnhdowc9cDbuHn5cFO:/ymURCzlHzdLK65D
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.