General
Target: Launcher.rar
Size: 14.4MB
Sample: 240113-ckj9caagf4
MD5: 9b387034acd7e2b00c5de3386423a9d3
SHA1: f70f51869a70bcdf565dd14a597d97a4d6ccb181
SHA256: dc2c4316631554c86ce0f28331b29817887cf189eda5d720f996562f32519c12
SHA512: 529e504528bab4697a3b0f2516ca821a11676285d25e6ffcf013e753694d916bb6a821fe9c1e30ced384746dc35cee55baa561cfb60ee7a33f88be42e9fc3952
SSDEEP: 393216:vWOqmjmZSVn3FPaeYEzfeQRet+uwu+XOl04UCi:vWjEd3FPaeYETaLwEHi
Static task: static1
Behavioral task: behavioral1
Sample: Launcher.rar
Resource: win7-20231215-en
Malware Config
Extracted
lumma
https://goddirtybrilliancece.fun/api
Targets
Target: Launcher.rar
- Detect ZGRat V1
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext