General
Target: Set-up.exe
Size: 785.1MB
Sample: 240225-3sft1afg46
MD5: ba0e6b416df17415f3ccd6f7a0848a10
SHA1: 82b64851271cb6d4770122d1c19b6a7e72aed8af
SHA256: 31280918bca075062bac6918b91c0ed7a125b4094825e44746723bc7e4c919bc
SHA512: 5c0be6bbe526e0fac33be3ce196862cf67653f261046bb0e1cd3d3ef9f44ca9384da32b0d0239cfab1496fcaadd3833ce0f673058ac234f99ed9d889e0c56bb7
SSDEEP: 49152:P+6GEOCYqs7gKN+vcqhC853Tngs+Bds9x6gIpV0ePQBmsQXcgIJm:pGEpY58KN+kovDgs+Bds9PIptXsgR
Tasks
Static task: static1
Behavioral task: behavioral1 (sample: Set-up.exe, resource: win7-20240221-en)
Behavioral task: behavioral2 (sample: Set-up.exe, resource: win10v2004-20240221-en)
Behavioral task: behavioral3 (sample: #/WeMods.exe, resource: win7-20240221-en)
Behavioral task: behavioral4 (sample: #/WeMods.exe, resource: win10v2004-20240221-en)
Malware Config
Extracted family: lumma
URLs in extracted config:
- https://technologyenterdo.shop/api
- https://detectordiscusser.shop/api
- https://turkeyunlikelyofw.shop/api
- https://associationokeo.shop/api
Targets

Target: Set-up.exe
Size: 785.1MB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above.
Signatures:
- XMRig Miner payload
- Creates new service(s)
- Stops running service(s)
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
Target: #/WeMods.exe
Size: 783.4MB
MD5: bba91fc1cbfa4bc4730b57e6534063a5
SHA1: c42c7dea1d7ba4fd24252cb9f98728b72dbb191a
SHA256: 0ad58945a9bd58fd5e779da9365eca6324b42655a8f0e0c19f86508e27c28c6f
SHA512: d10fe567dfddc40319feb89d3dd2100bd164ec2cdcb35ce56910e3223548f298266607ff2386f1e4fe982d73520ad427e41353a5cf251802c40bf94bb5eb432e
SSDEEP: 98304:avGhcV2/1IyDLZU4X5nMh7LnGnYGZGLyS53rPE:aOn/3DlU2nW7zOHsLywI
Score: 1/10