General
Target: url
Size: 672B
Sample: 240419-npsl3abd8y
MD5: c55b465b076a46cdd9262a61901dbd7a
SHA1: d538893d290cc24694e4fa365ffc1978d5611a5e
SHA256: d0b23959a96e5c1677aa19b43dd80606fc076979af71bd1a3a63a660e98613d6
SHA512: 8efb6446db212398a42a609d91f86a94a0bfc0123350c6e989ce98ae801ce33304852c246027a74519e2ba521660fa2a071158bec63d3f8e7aa41f6e88ae77d4
Static task
static1
Malware Config
Extracted
lumma
Targets
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext