General
Target: askew.zip
Size: 3.3MB
Sample: 240222-km6jcsfd76
MD5: cf3eb43b920df93accfbe01fbf419cb6
SHA1: 1b67e138eb19ca82a0bf2d1545a576de0da1942d
SHA256: b3a82223d5358099fa3be275454704dc654230179c48d3963bf8409edd50d3f8
SHA512: 0899b7226831c70fcfd13a4a2436f3cc2da5c3bdf759f26e2b74d3ba3afb531a541ec8d9fd1b5f451ba9d14e15c6888e69db4b30feedd1837dc8299966ace22e
SSDEEP: 98304:mbnliaNrm+stC44CHUCEM2382ryWNhZ5Z+X:mbhrNskZM237yWznMX
Static task
static1
Malware Config
Extracted
lumma
https://syncarpiajanapiom.fun/api
https://technologyenterdo.shop/api
https://detectordiscusser.shop/api
https://turkeyunlikelyofw.shop/api
https://associationokeo.shop/api
Targets
Target: askew.zip
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext