General
-
Target
d6c5410b2d9e45c08deaabe2c3e09c65.bin
-
Size
3.4MB
-
Sample
240227-ea23hsfh9t
-
MD5
dae79360413ba6b36b213cc795bff02c
-
SHA1
8dd14ee7f59d367b54b72b19306c71c9540831b3
-
SHA256
253e0758a1beebae3f4c82019717c725f3b03dfb64bef4101c0f5180de40377a
-
SHA512
ed61d97718203de6584d6a4bda6d75bbd29175ee86df26fbeb0cb4fab411b66ba2ea538f8221c90d32fc4574adc11e650d563d0c7c9c8547b9120ee6add0e9dd
-
SSDEEP
49152:jWC4BUtHeO0sFhjVzIVowXS3ikmLmmxbhvEuTglOI6HHefQPQrBqQorMfD+ilVFG:EBUb0sFHzIVoEkctvdET2Pqs0H7dfBm
Behavioral task
behavioral1
Sample
f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75.exe
Resource
win7-20240221-en
Malware Config
Extracted
lumma
https://scandalbasketballoe.shop/api
https://technologyenterdo.shop/api
https://detectordiscusser.shop/api
https://turkeyunlikelyofw.shop/api
https://associationokeo.shop/api
Targets
-
Target
f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75.exe
-
Size
5.7MB
-
MD5
d6c5410b2d9e45c08deaabe2c3e09c65
-
SHA1
e7fd29cf3488283bb7b43a31f965b9849c2d55cf
-
SHA256
f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75
-
SHA512
3f4a0ba92a7509a2d84aac0fc4d2c8d80144ccc090c664276acb85db487585419f268bb3b27652cdb88010d72ef5bdf66bf56fbfbdf6f4b4a2b2569cb2c3f325
-
SSDEEP
98304:rdl0LfzHWvOWzAWG6JgBhbwvU4yBSlT+5fge0RMpxkp:rAzHWvNAWG6k4U4yBWq5fWMpI
-
Detect ZGRat V1
-
Loads dropped DLL
-
Suspicious use of SetThreadContext