General
Target: file.exe
Size: 4.8MB
Sample: 240125-t8sn3aahe6
MD5: bb1b77d4280450ce1e7b4217aad3c769
SHA1: 36ac15b55b045694468434ebde0d748b65f3af01
SHA256: 73fe0327b943f9b6df757077c1ce09132dafc7a3b7a8b42f9ed4331cff6e8cf1
SHA512: 01bbe1f1f7a876f4e7f42351892f30155b88847a79863122b5909b16a8e116f203867c05b6d5ca224056f362a84757f32d00fb7b15c9be3f7dfddd895499f15b
SSDEEP: 98304:cgeNLXGxp/CRfrF8Jyd3D2v1o+/8/pG/1:cpl3D29o+/8xQ
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20231215-en
Malware Config
Extracted
lumma
https://vesselspeedcrosswakew.site/api
Targets
Detect ZGRat V1
.NET Reactor proctector: Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
Loads dropped DLL
Suspicious use of SetThreadContext