General
-
Target
@#!!New_SoftWare_2024_ṔḁṨṨCṏḌḙ#$.exe
-
Size
3.5MB
-
Sample
240421-gq48xsch86
-
MD5
f3926079722ea980ed43703b7e56c578
-
SHA1
c91f413aaed6a2c97cef6ceea4b821faabe35994
-
SHA256
19cf5c9f250d27c1ff53f81a0ebad37428ca71a2647e358c8b3f2bfda102a8ef
-
SHA512
9157bab3d721fbe835250a2b864f7a8ea2a3b4e9e21bc527ca08589bd90446e887fc6797554157419a2efa2466ee30e6171746ee0e71ccfa224395ea33fa7828
-
SSDEEP
98304:ZYnY0iuf1ZByTLpwiaOZu2u3YP21sr7wx4oDIouiIOiUq:ZYnLI1witJu3A5wCoehH3
Static task
static1
Behavioral task
behavioral1
Sample
@#!!New_SoftWare_2024_ṔḁṨṨCṏḌḙ#$.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
@#!!New_SoftWare_2024_ṔḁṨṨCṏḌḙ#$.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
@#!!New_SoftWare_2024_ṔḁṨṨCṏḌḙ#$.exe
Resource
win11-20240412-en
Malware Config
Extracted
lumma
Targets
-
-
Target
@#!!New_SoftWare_2024_ṔḁṨṨCṏḌḙ#$.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-