General
Target: February.scr
Size: 285KB
Sample: 240229-wsyaqage61
MD5: 514f6262b7f8899e97ef176249b1fbe4
SHA1: 016200acbe6284051a8a00f725fb879e3cc3cc51
SHA256: 2a9cb02a79b81c7f280b572325626312f007864475364f0f49e9877948ed0815
SHA512: d77259b54025a7f06f1645443369f629a9996a05fa7a0393e111e7de9c8bfd453d524336be39dde0c98e1d701925a0780c7e01c4ee1cd2fde506579358f9a008
SSDEEP: 6144:V0RX62x3N0FXRn9I5Zlll87U72vaq07XdREuEws8TWGKH:WV62lN0FXR65Zln72CqyRwSCl
Static task: static1
Behavioral task: behavioral1
Sample: February.scr
Resource: win7-20240221-en
Malware Config
Extracted
lumma
https://vatleaflettrusteeooj.shop/api
https://turkeyunlikelyofw.shop/api
Targets
Target: February.scr
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.