General

Target: a105e53b26d14ee11b4099ca980c3a66.bin
Size: 6.0MB
Sample: 240116-dwzc3sdbc5
MD5: c2795a045eeba06494145823c6929a6a
SHA1: 7825145cf3e0a66e9534b661fc17318f30cb3bdf
SHA256: b0e34d0561a6b7b89f55141b47cabacdea722767f9d64e141c0f3f73ecf881c9
SHA512: 78dfd86e55277cc985ccc2fcce9e3cdf28ef07bc2bb918c11049df2a05e2781e393a9e8a0b1cdf57fddfab1711fe85bbeab98f048a6fbb6400c1e2b6a3e1b9da
SSDEEP: 196608:6S3w8l1mYK6OHxFKqpjYxZYVXW+5NKUqgUcx:P3xlsYKJyq+ZX+GIUcx

Behavioral task: behavioral1
Sample: 516fdf7133fbdf91f3cc3ced81bef7ea2c44e18bc2c132c64805b424664f3e0c.exe
Resource: win7-20231129-en

Malware Config
Extracted
lumma
https://goddirtybrilliancece.fun/api

Targets

Target: 516fdf7133fbdf91f3cc3ced81bef7ea2c44e18bc2c132c64805b424664f3e0c.exe
Size: 6.2MB
MD5: a105e53b26d14ee11b4099ca980c3a66
SHA1: 3401dacbb0c70761ca17b05669e7d45adcfe5c94
SHA256: 516fdf7133fbdf91f3cc3ced81bef7ea2c44e18bc2c132c64805b424664f3e0c
SHA512: 1c2fb1e52179cc54b67ad34ca990d612862b0cb2cc63b28c110b2448221d72131ad70cb4043ab566a0eb01626216ba3f036dcdb868a2c27ef67207cb3c23cfde
SSDEEP: 196608:uXaNgTf9diZv0BM4rd9zCpBYKP7I/KlSPaM:uRTf20zrvzCnYe7I/KlCaM

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger