Analysis
max time kernel: 149s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19-05-2024 16:25
Static task: static1
Behavioral task: behavioral1
Sample: 5e1dd1ac144860cd422b6ce7055f3c045b5375674c0d14f8b954d8cc0dec9fa2.exe
Resource: win10v2004-20240426-en
Behavioral task: behavioral2
Sample: 5e1dd1ac144860cd422b6ce7055f3c045b5375674c0d14f8b954d8cc0dec9fa2.exe
Resource: win11-20240426-en
General
Target: 5e1dd1ac144860cd422b6ce7055f3c045b5375674c0d14f8b954d8cc0dec9fa2.exe
Size: 297KB
MD5: a23f3121c13f8a9fadcfec4733436a96
SHA1: 13fd9dae6d86caffba189d6e0370fb2678bc949e
SHA256: 5e1dd1ac144860cd422b6ce7055f3c045b5375674c0d14f8b954d8cc0dec9fa2
SHA512: 48139c57efc06546723294f4ed71a003cd4e45893f804913af6a42477116cc09f15fffbbc6a3c5cc4a9548eb6ccb2ce61b05a1902001ef1945e9f8ae61152ab8
SSDEEP: 6144:FcEvXrIjTPQqdcXXrDFGylkB8x39HqkHT:FjXrI3vdcXX0Gj39Kkz
Malware Config
Extracted
lumma
Signatures
Processes
- "C:\Users\Admin\AppData\Local\Temp\5e1dd1ac144860cd422b6ce7055f3c045b5375674c0d14f8b954d8cc0dec9fa2.exe" (PID: 4788)
  - C:\Windows\SysWOW64\WerFault.exe -u -p 4788 -s 1188 (PID: 3240) - Program crash
- C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4788 -ip 4788 (PID: 3512)