Analysis
max time kernel: 286s
max time network: 303s
platform: windows10-1703_x64
resource: win10-20231215-en
resource tags: arch:x64 arch:x86 image:win10-20231215-en locale:en-us os:windows10-1703-x64 system
submitted: 14/01/2024, 22:18
Static task
static1
Behavioral task
behavioral1
Sample
2434f454559a347b63adf64ca66ac71419e9853739f0c02681861c705f981ce7.exe
Resource
win7-20231129-en
0 signatures
300 seconds
General
Target: 2434f454559a347b63adf64ca66ac71419e9853739f0c02681861c705f981ce7.exe
Size: 5.5MB
MD5: 0ffb48ddc1276dfc5d0959a08eae5e69
SHA1: 01f4635800cbb8b11234df08d4edce15b7c91053
SHA256: 2434f454559a347b63adf64ca66ac71419e9853739f0c02681861c705f981ce7
SHA512: 5551f9440cebfac95b7010d634200db8d8039a08989069f08c4a144b2fb15bc81364a7bff0a45a865ef17df54e061802f2b995e1e059854284dbf6a3162a31d2
SSDEEP: 98304:4emSUz/6XYWfYfBTc2aRh8sT6+QYnj86CzLP3SK8qJugCeWfIJVG9jtL5Jf+yqW8:4eZU6t0hIhT63ej3KCK8qsgCffIzAL34
Malware Config
Extracted
Family: lumma
C2: https://goddirtybrilliancece.fun/api
Signatures
Processes
- "C:\Users\Admin\AppData\Local\Temp\2434f454559a347b63adf64ca66ac71419e9853739f0c02681861c705f981ce7.exe" (PID: 2052)
  - C:\Windows\SysWOW64\WerFault.exe -u -p 2052 -s 924 (PID: 4328): Program crash
  - C:\Windows\SysWOW64\WerFault.exe -u -p 2052 -s 952 (PID: 4432): Program crash