Static task
static1
Behavioral task
behavioral1
Sample
a2195e33f9d07b54de351fbb9c706c11f1b49f08a4d6c380d40081539a43a5bb.exe
Resource
win7-20231215-en
General
Target
a2195e33f9d07b54de351fbb9c706c11f1b49f08a4d6c380d40081539a43a5bb
Size
585KB
MD5
43d5a90d51cb54496209f33d444de007
SHA1
ccfa851b610f67c0d7218f4b7093cc7e59283456
SHA256
a2195e33f9d07b54de351fbb9c706c11f1b49f08a4d6c380d40081539a43a5bb
SHA512
88a5b6e32c6674c42a5931b5061ebe3a27a6f880eb0444e7e61bab592808adf3797a92d04cba786f53e89333745e21e1fe2d13ac2396a28725cb330d0d92d882
SSDEEP
12288:xMLjyr2TZ9l1V7qArW36xjKUyNBWdG6sQDu9Rm5Rg/LIqG2VB6:xYjbNL1oeqkG8u9lpBz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a2195e33f9d07b54de351fbb9c706c11f1b49f08a4d6c380d40081539a43a5bb -
Lumma config extraction 2 IoCs
Lumma.
resource yara_rule sample Lumma sample Lumma1
Files
a2195e33f9d07b54de351fbb9c706c11f1b49f08a4d6c380d40081539a43a5bb.exe windows:6 windows x86 arch:x86
a238dd5e708b2e5b98247b73320c973d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AcquireSRWLockExclusive
ExitProcess
ReleaseSRWLockExclusive
user32
GetDC
ReleaseDC
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
GetDeviceCaps
GetObjectW
SelectObject
Sections
.text Size: 366KB - Virtual size: 366KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 131KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ