General
Target: S0lara.exe
Size: 800.0MB
Sample: 240518-wepresfg94
MD5: 3d458fcc1399e87724710a1684adb522
SHA1: 7ac664ee89a8c641a41f5d3c3cae77e09391025b
SHA256: 6310bd6c708d19db5ce039a66a358efd3153fd5e6d37a4ca3004a3962ae2237b
SHA512: 958ff845ed602c41b46c5b42211d6e72005e51a2597e7f9611135997016bd137bfbbb221fbf9cc9d1f85da5f3383516531d46de046d7e8565ba6149a8c602ef2
SSDEEP: 24576:xXLuApIgCgQybhuTSuitDMbqNPPjffiecZdAkY8sxere1EAPX:l1fCgQEsTSrmbqNXbiwkY3fEAPX
Static task
static1
Malware Config
Extracted
lumma
https://employeedscratshj.shop/api
Targets
Target
S0lara.exe
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-