Analysis
max time kernel: 278s
max time network: 294s
platform: windows10-1703_x64
resource: win10-20231215-en
resource tags: arch:x64, arch:x86, image:win10-20231215-en, locale:en-us, os:windows10-1703-x64, system
submitted: 14/01/2024, 22:26
Static task: static1
Behavioral task: behavioral1
Sample: c807510b37c8650a2a2df4d6965f19be2681b68415e25770b31a098d60dd5200.exe
Resource: win7-20231215-en
0 signatures
300 seconds
General
Target: c807510b37c8650a2a2df4d6965f19be2681b68415e25770b31a098d60dd5200.exe
Size: 5.5MB
MD5: f1aae4c72096e3450687b8843af5fcdd
SHA1: 2b2fe311867179acb6c02f9a43055e10d57d361b
SHA256: c807510b37c8650a2a2df4d6965f19be2681b68415e25770b31a098d60dd5200
SHA512: 3161c92a6cac7437244feb422fdb5332c7e029f1473b8f2fbf40571bb35174a652749f9e4394562a360dea815589bf07ff4cdf15ff0f61678c956c347d65196f
SSDEEP: 98304:85VeM3KT9YbnSXVxboQokmPgQphPrBCiXGDdYygG+VBbQUyMQXDuYlxCUQEfJe:85KhYbKLk2mTphPGP6H8NEY7plk
Malware Config
Extracted
Family: lumma
C2: https://goddirtybrilliancece.fun/api
Signatures
Processes
- C:\Users\Admin\AppData\Local\Temp\c807510b37c8650a2a2df4d6965f19be2681b68415e25770b31a098d60dd5200.exe
  "C:\Users\Admin\AppData\Local\Temp\c807510b37c8650a2a2df4d6965f19be2681b68415e25770b31a098d60dd5200.exe"
  PID: 2952
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2952 -s 972
    Program crash
    PID: 4904
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2952 -s 984
    Program crash
    PID: 2736