General
-
Target
cff5657843fe7039f6e15fbfdb8728b1b752d66503d0564dbe5b3bb4c567a529
-
Size
6.1MB
-
Sample
240421-fgzreaca31
-
MD5
ff48ea9f90dadf5201438b1e9de131b9
-
SHA1
0adcbf8ef9f00875d10f4851fb8a2c23def7d1a4
-
SHA256
cff5657843fe7039f6e15fbfdb8728b1b752d66503d0564dbe5b3bb4c567a529
-
SHA512
1b4ac86e1315d8fe471aaa33eef9cac4809d48e1b949c1d6adb268b4b75038f8b716faa95575f9c89d98172259d09bad2cc3a85ae709e02d2ea9449b9cfe7d22
-
SSDEEP
98304:YNw/Xb1EVZoSip8lfNLtiyIaHgEPUD1J9IxAwST07NqWifSpO16eKMi+tt3HkDMi:NQgp8FvFHz491SsYQ6r5+tt3BWH9RzKo
Static task
static1
Behavioral task
behavioral1
Sample
cff5657843fe7039f6e15fbfdb8728b1b752d66503d0564dbe5b3bb4c567a529.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
cff5657843fe7039f6e15fbfdb8728b1b752d66503d0564dbe5b3bb4c567a529.exe
Resource
win11-20240412-en
Malware Config
Extracted
lumma
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-