General
-
Target
file
-
Size
727KB
-
Sample
240125-xpw4xsdce3
-
MD5
8b5cf3d102548da37888f34d3d468e27
-
SHA1
823aa91b6e4ecf3bb68a2154a122e6a9ffc7bf89
-
SHA256
3e8e1eae92427c05d36bbc665721382af5972780e0a7cd44e33f63684b1cf3e2
-
SHA512
da525ea8b851739940fcce41fae69b4fa7942c21e2ac7fca79fd468e247c5ce0e8fc105a9288290ff79c064a5d200e7214f67ea070114da1fb335b152a5ac10b
-
SSDEEP
12288:mh1Fk70TnvjcXHKkdNTYkpfxQmclBuFTEAtvqsuIGnyd30w4KA9LdX+/UwS0iSbq:Ak70Trc31dNckBxQmUBuFTEAtCsuI9d8
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20231215-en
Malware Config
Extracted
lumma
https://willpoweragreebokkskiew.site/api
https://braidfadefriendklypk.site/api
Targets
-
-
Target
file
-
Size
727KB
-
MD5
8b5cf3d102548da37888f34d3d468e27
-
SHA1
823aa91b6e4ecf3bb68a2154a122e6a9ffc7bf89
-
SHA256
3e8e1eae92427c05d36bbc665721382af5972780e0a7cd44e33f63684b1cf3e2
-
SHA512
da525ea8b851739940fcce41fae69b4fa7942c21e2ac7fca79fd468e247c5ce0e8fc105a9288290ff79c064a5d200e7214f67ea070114da1fb335b152a5ac10b
-
SSDEEP
12288:mh1Fk70TnvjcXHKkdNTYkpfxQmclBuFTEAtvqsuIGnyd30w4KA9LdX+/UwS0iSbq:Ak70Trc31dNckBxQmUBuFTEAtCsuI9d8
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Suspicious use of SetThreadContext
-