Overview

Static analysis: score 10/10

Behavioral task scores (sample, sandbox image, score):
Setup.exe - windows7-x64 - 3/10
Setup.exe - windows10-2004-x64 - 7/10
UIxMarketPlugin.dll - windows7-x64 - 10/10
UIxMarketPlugin.dll - windows10-2004-x64 - 3/10
bin/UbuilderB.exe - windows7-x64 - 1/10
bin/UbuilderB.exe - windows10-2004-x64 - 1/10
bin/scv.jar - windows7-x64 - 7/10
bin/scv.jar - windows10-2004-x64 - 1/10
relay.dll - windows7-x64 - 1/10
relay.dll - windows10-2004-x64 - 1/10
General

Target: b2fee94f0a0e587185328fc35fda0371d329d2810a169fa6f5e4fa6e1a082814
Size: 8.3MB
Sample: 240115-l6t54segh9
MD5: a6662a53b9c5c830e1cc3851ade1fb95
SHA1: 7309071a95712dd9fe2eb36be0379cc0402043c5
SHA256: b2fee94f0a0e587185328fc35fda0371d329d2810a169fa6f5e4fa6e1a082814
SHA512: c731b40d61f218ae2b6332de071dfc8216809bb8460dd30a0365b0ad7640c3b6edeb92f2b567edac80c20dcd1f372603ceb300120154a67bc13fc65b4436b091
SSDEEP: 196608:ZmT9PrVoj206MVY3dgdicD4HfiKjKM5zOAnMn20nBZ:ZeGj16AY3d0icDkfiPAnMn20v
Analysis tasks

Static task: static1

Behavioral tasks (task, sample, resource image):
behavioral1 - Setup.exe - win7-20231215-en
behavioral2 - Setup.exe - win10v2004-20231215-en
behavioral3 - UIxMarketPlugin.dll - win7-20231215-en
behavioral4 - UIxMarketPlugin.dll - win10v2004-20231215-en
behavioral5 - bin/UbuilderB.exe - win7-20231129-en
behavioral6 - bin/UbuilderB.exe - win10v2004-20231215-en
behavioral7 - bin/scv.jar - win7-20231129-en
behavioral8 - bin/scv.jar - win10v2004-20231222-en
behavioral9 - relay.dll - win7-20231215-en
behavioral10 - relay.dll - win10v2004-20231215-en
Malware Config

Extracted family: lumma
Extracted URL: https://goddirtybrilliancece.fun/api
Targets

Target: Setup.exe
Size: 2.4MB
MD5: 9fb4770ced09aae3b437c1c6eb6d7334
SHA1: fe54b31b0db8665aa5b22bed147e8295afc88a03
SHA256: a05b592a971fe5011554013bcfe9a4aaf9cfc633bdd1fe3a8197f213d557b8d3
SHA512: 140fee6daf23fe8b7e441b3b4de83554af804f00ecedc421907a385ac79a63164bd9f28b4be061c2ea2262755d85e14d3a8e7dc910547837b664d78d93667256
SSDEEP: 49152:Y8UMSn5cV2N9LNwtQ5gRR+moI1axGbYj6QAl4ImDkg7d5lROCDG5yzlC97W+uJUM:QMS5hN9OtQ5gRjoI8xGbYj6QAl4gg7dF
Signatures:
- Loads dropped DLL
- Suspicious use of SetThreadContext

Target: UIxMarketPlugin.dll
Size: 3.2MB
MD5: 904bd445b777ecee5b0691e8aaed84e1
SHA1: be361a8504542d0ea88ad1d85f78adea27e42dc0
SHA256: 8a5f58466ec349f8c7277ad80ab1f58514f653646cf9a4117879b056dc3bcb58
SHA512: 701fcd4a2f56f9f166c73b5430dd57af86ef29c20a271033acee25ff1e75cfe20be2f2620c9b10ebe014eb46f1585c9f36c0fbf649c7a493c08b685325ba9248
SSDEEP: 98304:8ZH7FZk7LP2nyh9VgFdJYZL6N8gPVIA8wuSgKTXTT3vlpS+EyYLgTjzKlgknJ1gl:ZLud1S4JhXTT3vlpjQAu9L7sx
Score: 3/10

Target: bin/UbuilderB.dll
Size: 3.6MB
MD5: f474baf2f922f8485752170cc261a72b
SHA1: 7e447654e04a91a578a22da5f95d0827e543740e
SHA256: 2f9a39635d6a379577b073945477609c3ab3656c4adc54a0d7cce23c4432c04f
SHA512: 5bf9f3ddf527ebe14c610be6e6d525917f8fd7cbc697d1d308044a06ee7587977737c88d8ffc83508d1e8714efb761c05d38ef16037bd63862c419174c3cdd33
SSDEEP: 98304:D3yMS4vp4iKTBrHJWGs2NyqeoNE/7SRYY6:Dp4iKTVHJack+s
Score: 7/10
Signatures:
- Modifies file permissions

Target: bin/scv.jar
Size: 644B
MD5: 8d94fb4ef8d7abcb571f4a0c40bc8600
SHA1: c2f61db774895c92c7e5e3e2e00c146ccb412314
SHA256: 4c49a4774b4185035a923fa4585e5a9b469a4a1ceb115da738c62d3d0ebf299e
SHA512: 66d3cbf6fb1f5d84e5f25fb56e6310cbfeca0b4ceaf839b10ffa7cf116c5431495dc2d7c3ff67e466b4730059711acfe40fafd49f163fa7578f70d478d572c03
Score: 1/10

Target: relay.dll
Size: 1.5MB
MD5: 7d2f87123e63950159fb2c724e55bdab
SHA1: 360f304a6311080e1fead8591cb4659a8d135f2d
SHA256: b3483bb771948ed8d3f76faaa3606c8ef72e3d2d355eaa652877e21e0651aa9a
SHA512: 6cb8d27ebcfdf9e472c0a6fff86e6f4ec604b8f0f21c197ba6d5b76b703296c10c8d7c4fb6b082c7e77f5c35d364bcffd76ae54137e2c8944c1ea7bb9e2e5f08
SSDEEP: 49152:l2gm39uH+I5/GxEoadcqX7Q9F7r40YB+eTcq+PDXx1lWz0Tq:xmtuH+e/RoadcqX7Qz7rDY8vq+Pbx1lc
Score: 1/10