General
-
Target
Cutor2.rar
-
Size
1017KB
-
Sample
240520-s5bqpsgf3x
-
MD5
fd568152aff79fb265c5b36d48195171
-
SHA1
15fb2f5416dc915d093bc8eaabf87bcffb42ca82
-
SHA256
770085623b4d362d143b631396d03255197cdfdff9b239a4668e75a611e0cc53
-
SHA512
49deb80ec3cd30c39176f826dcf2a6743fb3e25e83f80bac22870cf39aa2363b40633ab52ee89697038f62190582af55eb98b6e46a4e5bc3cec6d6674a2c207a
-
SSDEEP
24576:XxEgGE0DPES0Sf82J6C2rj5RljXJ6qXWI3MN/bj0mOjZBY:ByE0bE3c8dfrj5RljXJ6KWIablsY
Static task
static1
Behavioral task
behavioral1
Sample
Cutor2.rar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Cutor2.rar
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
Cutor.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
Cutor.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$INTERNET_CACHE/Arrives
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
$INTERNET_CACHE/Arrives
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$INTERNET_CACHE/Aspect
Resource
win7-20240215-en
Behavioral task
behavioral8
Sample
$INTERNET_CACHE/Aspect
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$INTERNET_CACHE/Blond
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$INTERNET_CACHE/Blond
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$INTERNET_CACHE/Bone
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$INTERNET_CACHE/Bone
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$INTERNET_CACHE/Corresponding
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$INTERNET_CACHE/Corresponding
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$INTERNET_CACHE/Coverage
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
$INTERNET_CACHE/Coverage
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
$INTERNET_CACHE/Demonstrates
Resource
win7-20240215-en
Behavioral task
behavioral18
Sample
$INTERNET_CACHE/Demonstrates
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$INTERNET_CACHE/Describes
Resource
win7-20231129-en
Behavioral task
behavioral20
Sample
$INTERNET_CACHE/Describes
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
$INTERNET_CACHE/Following
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
$INTERNET_CACHE/Following
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
$INTERNET_CACHE/Immune
Resource
win7-20240215-en
Behavioral task
behavioral24
Sample
$INTERNET_CACHE/Immune
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
$INTERNET_CACHE/K
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
$INTERNET_CACHE/K
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
$INTERNET_CACHE/Kay
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
$INTERNET_CACHE/Kay
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
$INTERNET_CACHE/Mountain
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$INTERNET_CACHE/Mountain
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
$INTERNET_CACHE/Oils
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
$INTERNET_CACHE/Oils
Resource
win10v2004-20240508-en
Malware Config
Extracted
lumma
https://employeedscratshj.shop/api
Targets
-
-
Target
Cutor2.rar
Score 7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
Cutor.exe
-
Size
150.0MB
-
MD5
fc19772f15ec20a93b956318e77df40a
-
SHA1
b6fc61fbb8a0932c906bfb21c5bb247a54a061ef
-
SHA256
bada63237016ce4e5bf28c2efa620430b4c0ac859f00f4996a6a4a166e3220f3
-
SHA512
d8c8a3d7d7fc5cbd368121601fe04f4a4753b917ff379838b086743319a122d6b8a637930e76084cf09828f458372f727d90572eae3eab79dbe6401691d3ae97
-
SSDEEP
24576:fXEUjHrDOMFGcQQ0UDEM8FZ9IWdmKrL6OgEic8rby2N2mzbtt04H:fbjH/OXdvLZKWdtr3L712N2mzbP04H
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$INTERNET_CACHE/Arrives
-
Size
69KB
-
MD5
473722f790596c4d6b159fcd8a4dadef
-
SHA1
20271a29dcab261fee279401cba6b0bab3dc2ef2
-
SHA256
a33baf56fe478318a92035b652b7a7a63721aa119b355fb07e4c2bc3c405cd54
-
SHA512
338337b9d4645580816abb2a042e2698b2cd698d36475d66f88ba461a6d51bc0899fdb36acd3bb944fa35aeec4d3d816eb386e2bc87de771527da415fd89c194
-
SSDEEP
768:Lrkx3zN3AFR97T98+sDkXLAlMoLVNIo8DJWxWWbP75qcaTlKWzhQVNsbSSkLQ7Pe:LYNB3OFTR7bAlHL/4aj5Vf7gqYrui3A
Score 1/10
-
-
Target
$INTERNET_CACHE/Aspect
-
Size
44KB
-
MD5
156462caf2897d681dad8fe61d1c7279
-
SHA1
a7ed61c1abf6256a339247d5212624d06497051d
-
SHA256
a4d6fcc99632d1ede57a38043e46f4a0e6d60edc10d388acf47de7f186810d6d
-
SHA512
c09be41bdd19d22dc9d7d8259116a1c98f5a37819ac4ea45b4230ca093b34784f397d523fc5ae5f644aa3a35750e0c570af01ef94d34b060da5d18c19a30fd67
-
SSDEEP
192:CoooooooooooooooooooooooooooooooooooooooooooooooEFOiGHwJffX2crFt:UiwxFr9LE/MpfhwHLWAkqLyH3Pe
Score 1/10
-
-
Target
$INTERNET_CACHE/Blond
-
Size
65KB
-
MD5
499020d7a6695730ade820ec473a7014
-
SHA1
8dbe5dd49c6b527426c41eb8f75c66cc525e8d07
-
SHA256
7b6044b2f019eb7161602f2b177ef387ea22a5fd498f2262e671e6bf1c0418d5
-
SHA512
273c79a06188de53dfeeaad4ee682ffd6afdc255b28df77e867bef2ddfd44528035cd61732192d7cd76359ac71b9e08c4a3cb94368eed8dd07c5a208c74f54da
-
SSDEEP
1536:4RlyxcZqvinN8PsJitgXKUvl8UTcyzJW784Lle+1Y:ylyU8PsYuXtvrhzU78Gle6Y
Score 1/10
-
-
Target
$INTERNET_CACHE/Bone
-
Size
193KB
-
MD5
124e240a6529b61f018b30adac17553d
-
SHA1
950077be632fde663aacf7636a0ece5c918d2f63
-
SHA256
70e4f36876b997f504b67027be7bb02d9fb5faecf014f603cbe7d5e640631994
-
SHA512
c57ccf9cdcce52cc197fdba2586e9e924823b74cc8491e1cafdf9d74069aa13d4a5dcedaa80804456885bb9fca7ea8beb4a5ebe1ef15c0fb91f5fe127324ab8b
-
SSDEEP
3072:PIlimn4qz2Z8z0wdgSPHAFkEylz6N3WfHHr4c68gcA0om9IO8uuyQuZTofG:Q9nF2S0wD/AFR+6NGj4TvO8hs
Score 1/10
-
-
Target
$INTERNET_CACHE/Corresponding
-
Size
15KB
-
MD5
24f764a45140ae61b291022b188cad50
-
SHA1
ff59085b23c849d589360dc19df2aa82c5032bd0
-
SHA256
eb85a752452828fe7e83d18dcaa80fdd81b416a3cef1429a8765228bf889738e
-
SHA512
3fd4f1e7c9214687c99400a951101c194067c01fb79107a3381d5c122900571b0a064548a4f9065b2dc14dbe01b8bf871afc860123408ade78a52a22c28bd122
-
SSDEEP
384:djnsRfctrJsnb2Kev0hLk1G+CAiwo8Z8T5RZWfkBTjeVmr5D5+:djnsRf4rJsb25v0hL4G+CAiwo8Z8T5Ra
Score 1/10
-
-
Target
$INTERNET_CACHE/Coverage
-
Size
63KB
-
MD5
d51d5baf2c9751a080d23ca1d67fc877
-
SHA1
4e03ddd85f9a93d666093fff94296a1e8119b492
-
SHA256
e66104a1f8fa1926811e2c82f16a415584732d80c984bc95472d26663355130f
-
SHA512
048eabdff052549ea0005096109a155e3cbb3cb55e45e7a6b4813637b7390f56f605083c352ad01171c275e1e8a1305d1ed4bc3dd62af15bda2e68bfcceeef85
-
SSDEEP
768:eT+UTcL4qHq25NKEHq9BxyyM0Dj2Bmgari0UPD/3Efrafd0maNBZikj0kkC:83TcvNHq9Bxhgari/D/3EfraF0Hikj0W
Score 1/10
-
-
Target
$INTERNET_CACHE/Demonstrates
-
Size
21KB
-
MD5
e08e5bf768a64fe55414a7efe75bb98e
-
SHA1
1a4131e823a04c34bb877e1bd2da4747f88c36e6
-
SHA256
5f9e851b902ead6c553929b0747a2e4038c0d47a1a9679b0e66186fcbdcf4145
-
SHA512
920c6db4296d4384d9368313aa9d00d93da69305836cf497bfa864f5907f892b51d6917bd20cf881ed91ac08ad2f3d7768f6dcaf29a4c0c62c526a16eb1653d5
-
SSDEEP
384:Ugikvq6LzykagepHIgiwXMxMWkvQFmY4Uv0FjSkXDylnffltltZZzz11ppz9KvLx:Lq6LqgaHbdMNkNDUySdK8M4INduPbOl
Score 1/10
-
-
Target
$INTERNET_CACHE/Describes
-
Size
4KB
-
MD5
dab205ef316a75b18e861f7a867e0989
-
SHA1
650f9b788b6213225dc0f8d21236d1b06bde4fc9
-
SHA256
a14ab8b356d3d939c5b2283e3cda3af305d4107e7f178c852e0680457acc269e
-
SHA512
365fa6a6b20c940cee09294c5bfd35c52928874532a5b27e73891a498f1463d84fa0305b2d6a721f67bc39b828379eacfa092df664f73a8f863ae39ef7ae4d8b
-
SSDEEP
96:boZ0HynDXhT0tyCL06En2nuuTb6GDXuzGBb/mMaRgYfDohiWvv9szz:0ZFDuFg68euXsBDmMagYfDohiWvv2zz
Score 1/10
-
-
Target
$INTERNET_CACHE/Following
-
Size
47KB
-
MD5
82d51a65bbe96f2f9e8e7b6cfb333282
-
SHA1
e8633d184ee93e8792c3ea8b4c1563a126d2dbfc
-
SHA256
654f10643984ab084893f728bf2e713a432a164d97b29e718dfd018d2acece7a
-
SHA512
782b892afbc79ccdfecec5072a96e209b6097d116401fe648dedfad06bd7117011af2fc4032976a0b3c6d5e97f29eb2c34e54020dc0bb8c60fdc9596d1abe46b
-
SSDEEP
768:pKOd+3Avgmy/bJCVKSb279sAOOWNMZmwfHh17McqQHEdQ7iwDIUKo+jQ:hs3AS/4KS+9sAO+kdIlDbKfs
Score 1/10
-
-
Target
$INTERNET_CACHE/Immune
-
Size
42KB
-
MD5
45ceb552adc3a75aa55a5d7d78b8c0d7
-
SHA1
fc584a0cd566842eb236c9c3b2635d2d4b97a5a9
-
SHA256
dd816a6509a6845e44384860fda4dcad095fac1fb9fdd2e8cceb74fb224dcc91
-
SHA512
39bfb1470e2cc31127f654a07a17827ba19d6aed1c6108a27dffb8d2bf00ccad8124417f662fe714a30461147d4f860ea97f3e45d26c3df5aa266774a73f82e5
-
SSDEEP
768:ub9futLZzWaIxyKw7nxZL96Yk4iARefFilP4Bwh1QwTMvcVPDqdU7SIcB:VzWaIxOv/pAfkF/bIQ2dU7SPB
Score 1/10
-
-
Target
$INTERNET_CACHE/K
-
Size
47KB
-
MD5
f9596ddb1d9b538409e412b39569212e
-
SHA1
99de9993abb4c4480061a00e3b7a7e0ec9c18efa
-
SHA256
8c9328d2260c23517a1835f80946bf9e2e21db5265905484e0ac4d8b888a6162
-
SHA512
f2fea44814a21507108169f82222a8725fe464c28126edb6edac227f138b406af0d7a19a69738ed3dc7326a44432d93be5124eaad2410c44c54b1e61dbef1afb
-
SSDEEP
768:FhsRqI5o+oyyxVxCaw2F8aP6VOHQznzp8G7bJu1UY3dLi29NcNngX+F+2tzjOrnN:RLDykFIcizp97bA3EKNcpzjIqIinTglX
Score 1/10
-
-
Target
$INTERNET_CACHE/Kay
-
Size
23KB
-
MD5
9e77f9fc5c1bbae0ade16a1dd8effb21
-
SHA1
dd769a5be09309f4f21e06d04d68185d624195ac
-
SHA256
e3e1f7fb978a9ed404525039fafaf519f0d414a44ddae7e3acd92ad3d3bc11fa
-
SHA512
d04227ffddb76b7ef4e311096ea192252c53be5dfcac97441cddd7be52d056a6dcab4be594ef4d40ed10b45dc50c0f8ac6b0db8dad4a375baa7296e2c15b13d6
-
SSDEEP
384:MidDQxahM2I4kDehJ0IHnHVmE5lTbyuT2sWjtudtIDvFQc:R+aI4kSmEusWjcdeDvFQc
Score 1/10
-
-
Target
$INTERNET_CACHE/Mountain
-
Size
27KB
-
MD5
1f442fb73d09d937f6bcc25652658aa8
-
SHA1
7d47f3e5573bf12843b9fb8df0a7ecdde10c9dc7
-
SHA256
9b66a4edacc06979e23b7a267eb01e704710dcd2160ac6df16fa2823b1fdf459
-
SHA512
da8c9bbad6be295b3cde5f44db858d2b5a03c2acde0f9f9b582ecb7203b77853916d9d22ebb2056e53d96746e9f3dd7e89616d6cca01fb39744128e4fadac1d9
-
SSDEEP
768:dI3+lUAireuGJiuqlpzS7XN7ywRY1qZxMy:eOYpe7N7nRYyxv
Score 1/10
-
-
Target
$INTERNET_CACHE/Oils
-
Size
9KB
-
MD5
073f9e2c594b99cfb7ba3880aa680f20
-
SHA1
84e31597a55f99f7e9322353116c2168ddbf3e9f
-
SHA256
e3446f9e24cdc1dade438588b8f6a82b5d66baace47736bfc21212f05d83254d
-
SHA512
7cca73ff39e3c24f281999a1f9c28609c18550af3db0ba5d0bea74aeaa6d570737d9bbc01f3a89de5d934cf8894e75fd81832ac39ae3d59659810e41f5113fa4
-
SSDEEP
192:4fDlCvAFS/MhosvkJAXvf4dtgzgO13VLGTMeG2gEFOtdaX:4fDltc/M2fJAXzzgO1X2gEF2daX
Score 1/10