Overview

overview

10

Static

static

10

Аdоbе �...or.exe

windows10-2004-x64

10

Аdоbе �...ts.rtf

windows10-2004-x64

1

Аdоbе �...3d.chm

windows10-2004-x64

1

Аdоbе �...ra.chm

windows10-2004-x64

1

Аdоbе �...hs.chm

windows10-2004-x64

1

Аdоbе �...ht.chm

windows10-2004-x64

1

Аdоbе �...sy.chm

windows10-2004-x64

1

Аdоbе �...an.chm

windows10-2004-x64

1

Аdоbе �...eu.chm

windows10-2004-x64

1

Аdоbе �...ll.chm

windows10-2004-x64

1

Аdоbе �...ng.chm

windows10-2004-x64

1

Аdоbе �...sm.chm

windows10-2004-x64

1

Аdоbе �...sn.chm

windows10-2004-x64

1

Аdоbе �...in.chm

windows10-2004-x64

1

Аdоbе �...ra.chm

windows10-2004-x64

1

Аdоbе �...eb.chm

windows10-2004-x64

1

Аdоbе �...un.chm

windows10-2004-x64

1

Аdоbе �...ta.chm

windows10-2004-x64

1

Аdоbе �...pn.chm

windows10-2004-x64

1

Аdоbе �...or.chm

windows10-2004-x64

1

Аdоbе �...ld.chm

windows10-2004-x64

1

Аdоbе �...or.chm

windows10-2004-x64

1

Аdоbе �...lk.chm

windows10-2004-x64

1

Аdоbе �...tb.chm

windows10-2004-x64

1

Аdоbе �...tg.chm

windows10-2004-x64

1

Аdоbе �...us.chm

windows10-2004-x64

1

Аdоbе �...ky.chm

windows10-2004-x64

1

Аdоbе �...lv.chm

windows10-2004-x64

1

Аdоbе �...ve.chm

windows10-2004-x64

1

Аdоbе �...ha.chm

windows10-2004-x64

1

Аdоbе �...rk.chm

windows10-2004-x64

1

Аdоbе �...pl.chm

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Аdоbе Асtivаtоr.rar

  • Size

    81.6MB

  • Sample

    240529-alhqssbd65

  • MD5

    70aca6363bedf1ae099262e5b1a9ab4e

  • SHA1

    642caa2d8562eaa27665393f986f855fc101509b

  • SHA256

    bbe8024b5679f4d4797c355dc5c2220a51da3adf1165ba21a415e64cf8423edf

  • SHA512

    0e7f97f4c200c88608822e77bad30d0fb6efb71efeaf84651ac76e98c2259a76d652b9689b912431d8a23e612c29199a4c0afa72ba89bd1896128a740a2630a3

  • SSDEEP

    1572864:L/fBwiSYN8oz9V143n12RGzyaHuhWLz7ibCJKRbZw4AKsgcA2s1:L6itNVzv143nUwzyaHhz72EKhZBc81

Score
10/10
lummaploutusstealer

Malware Config

Extracted

Family

lumma

C2

https://ticketgradiencomfj.shop/api

Targets

    • Target

      Аdоbе Асtivаtоr/Adobe_Activator.exe

    • Size

      11.3MB

    • MD5

      31432ef1c55f5fe1a20c7dd894be5e7e

    • SHA1

      238f387160c4b333817fb1e83544362491bd6d16

    • SHA256

      df3a364fb96feac40475962b1c6f9c87445191b9b4123826aa9240439c0f0fd0

    • SHA512

      02362e6267cda7b042ce4d6fcbe09286cb40f401e22d78d2d9353b04f36f3296a8c65ac417fac083f2c8b9bb48bdb34a3f72ac66e0f96b46a096d6e3ed20f22d

    • SSDEEP

      196608:zQAOR5GAycy+CzaayyCV4MCnycqvrCKZ8UFR5:kxRKZxaayyCrey7vrD7FR

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

    • Target

      Аdоbе Асtivаtоr/Help/Windows/en-US/credits.rtf

    • Size

      710KB

    • MD5

      05b931430fd173bd22900dbaa8bbff10

    • SHA1

      af5176ee28dba4777e4ba3bd9351e5acb402b9f3

    • SHA256

      3ce703c36dfc6282c22991519309b921ae8f5b2653561ff3f9c1617dc2d6674e

    • SHA512

      e3fbecb7637bdcbf6045140dfd3359529d223e42ff8b03c1883b8011d9dde307f36e7cf1a4b56baa76e052314baf89a03e1f6036e9a443160db394ddd45fe55e

    • SSDEEP

      6144:HMgRS450MZ1cMa0C6byUnw1ZD63iT/r7Dd0ypdUSKi8Sl:HMgs4CMZ1cMa0C6B2DY0T7Ddd/USKi86

    Score
    1/10
    behavioral2

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3d.chm

    • Size

      120KB

    • MD5

      b5f9ed44f46dc2a2b54baf908b9b9781

    • SHA1

      055edb27199525f84dca0adad555b5809dc70000

    • SHA256

      53136c96a99ec7f237470db34e49742ac99427ed6f2a22045ee9c45ce390bc69

    • SHA512

      d2a6af6df0a945e3439cdbac94ed14e1c93c3fae4a1e3cad907835abae90d0142b04c9d10a0c4a0620178f0d9f31214a45dc864241831b2a64cef371a11a66e9

    • SSDEEP

      3072:x3VpNumKOqLlFz0PNOsD2v8CGFM0Cbzq/bRsSohL3P1:x3Pnizg9D2UC6CUbCSaR

    Score
    1/10
    behavioral3

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dara.chm

    • Size

      166KB

    • MD5

      c1b0257579b0d16fbe0cd2d02dbfaa75

    • SHA1

      b9e2e3ffc55508f931a9f18021b5910edaea8228

    • SHA256

      bde3204ce98ad07f35af5a5d77cb9bcec604ae97b90a261c731e33cd86b4ec65

    • SHA512

      dde6f5b6df6a16362bfbce8ad5467ea26e9fca5fb73d539808902b32f9f6c69a51043fb377d142a77c7d13f4f0d023c6b4dd59a173462bcf67eccee81318f05f

    • SSDEEP

      3072:Bu6oJv2cg2QumsY2pFkMILWKqjWLSK8L2ZyWmD0fy85IMzY:Buf9ZQuzpFkMILWKtS3qBf7FU

    Score
    1/10
    behavioral4

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dchs.chm

    • Size

      159KB

    • MD5

      c5642a52a8a562c0e877a5305c5a5845

    • SHA1

      b29b6bbc0a369174602a67358eeea937e42f1d49

    • SHA256

      8c46faeb2037eb7935d24c880a712e65ab970da67a856d16ff0e7e9d7cab1e07

    • SHA512

      b5bcda70ab3cb8a9349fad02fd995071680b5dcd7b7f77647c68e27657e051e23ac373f74b17dc104ec08fefeb7a52ce3749f42af7bb6834e646a3940d64a171

    • SSDEEP

      3072:f2heZUqskDD7PdZ09rwJMTk0eb5vBFjRczuVllbKa:fBUJD9rwJMTk0eVf9zV

    Score
    1/10
    behavioral5

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dcht.chm

    • Size

      163KB

    • MD5

      cac8a4ed9640b74857a93fb8b77f62e3

    • SHA1

      c214272f9f89b99b44ebc3dafc8c84e3a945495b

    • SHA256

      1b3ae5a0bd843c09ee6662cd7a5f3d5b6f364ebce14afa85b268375df3c9c235

    • SHA512

      eea1cb16aa432e73927fb316f357a021cc10ff3e9e347110e1b6e14995ff07c19425f3d9b73a9b1fd43fe8731488ad4ae767ce2e7e062b5a0d2421d5acc972d4

    • SSDEEP

      3072:Ac/UIB28I0yE5WiOsOtrw8HfgQH8XHsJu0fR3xzTWu8KbjMb+FALzF:ARIB0zE56sONvHfNcXUvZ31qIFALR

    Score
    1/10
    behavioral6

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dcsy.chm

    • Size

      185KB

    • MD5

      b8d7042ddc7225d8292a0c615a3fb23b

    • SHA1

      c6e4b822eed0682e8c1ccd75d0d30c6df0b766d0

    • SHA256

      3003eb4f3d284477ce8eed97e07b123ae06023d441a36fb78e4b69c72d90b0c1

    • SHA512

      4842ce823f5b7e34391febf7fe51916e1081aa8cc2ce4ea77deeb1e1bc83e2279020cee09125a7c8b08dc65035a5fb694f6177c4fe0de4524b2bc21095949605

    • SSDEEP

      3072:/010+OC8shjxkBhaYRP+bq3UUm8N26TdIPJTqTZ9Pe1zIYSnqAlO+Stz6KnSnO:/010kt9kXnR2+EjPJOTZg17SnqES5n6O

    Score
    1/10
    behavioral7

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3ddan.chm

    • Size

      150KB

    • MD5

      3f5ea602a3c7df10f04607bb4036ae91

    • SHA1

      41968743e4d80e8a1d71888dca040a26ab452ea0

    • SHA256

      d2ecb5acf630f64891c85d796cdfc251b83604921a6057c8c747e4d0383c0cbf

    • SHA512

      f8c57b8e8d07b5f88928cd57d07261af89f3e6ec2debf6a3d575fb113809ef31343058e750a81160b9a44ea63852f7ee1cd8d1bfac16919b059b3403086de15c

    • SSDEEP

      3072:kpVTpx2TlTw8sFQMCv57XtzTAmOHt8/YCFPWZlfoUwUGx1fCHMM:kpV+xU8sNg7XhTYm/2VohUc6t

    Score
    1/10
    behavioral8

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3ddeu.chm

    • Size

      177KB

    • MD5

      47a7c297543cd404c3e70086c4f8fd21

    • SHA1

      6616b6298cbda41f896817ed40632cc605767d83

    • SHA256

      770f86dbed72fec9ed81a0882f0fb7ef77d4880f174a03682d932c9f6215cc24

    • SHA512

      1a76ac88571a9e0bd650d5e1d7d67d08fe10e43204b9bcf53bcae1e05894d2e96dbdc149f13c61d9df3d3211448d2810dced45b0fed72c3848089e45da5ef378

    • SSDEEP

      3072:Bwjpf2ZQKm2WEDdvNUZxgpGb6exP5LrlBNh5DNn531iQuASoBJ7/Ob:BwjpfGQK5LhNygpGb/xP51DhlNn5YhAo

    Score
    1/10
    behavioral9

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dell.chm

    • Size

      188KB

    • MD5

      3b29ce38a2bf1d68b9e5f47b224fc208

    • SHA1

      4b7181e8e31e220415b4014be9736a08394211ef

    • SHA256

      d348907c412f241ba167d9b7455af4579816f43f61bc652fd2f948dfa4400904

    • SHA512

      b7ae6fc5f4b2dd0b62dbd0ee18456fadc8381d62b5c152d71661113a3b4f12ae18302b9bb8e14f43301aa435621c7857a1ec4d6abc9edf1cd3a6e7ed0593be7d

    • SSDEEP

      3072:h9TwViy3DBLpdJtSeqMZ84VT0Vodj6MBPtMStodn32knlhRoJyVrBt8KYaq:h9ELTBLpZSeHvVTqVXdndtoJwBt8jL

    Score
    1/10
    behavioral10

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3deng.chm

    • Size

      157KB

    • MD5

      3ecd51de3a504eec21d70ccf865d43dd

    • SHA1

      e36dc69365c8316509bde90bcd85379e088689cb

    • SHA256

      1d80c40950a02fe124d5450f0f2a4b177a497607575b4b13eb06debf958b6cea

    • SHA512

      7d7753c86f808440641f1d8aef255f787d23eb0af0aea886f0f8d85d994dc8a839f5df2f182e934c3508acbfa06de4a0d430df9076f141084fb1fab53f5d6490

    • SSDEEP

      3072:TrTTUcvjPGlZ2LByOsOKYRprh/tIM10HcYLM127AbK2G51wAe:Tr8rZ3lMpRtjYLM1BLm+Ae

    Score
    1/10
    behavioral11

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3desm.chm

    • Size

      152KB

    • MD5

      b7835b96f85d64987c6f4e3f31d839ad

    • SHA1

      74e2d9d11cc07f7be8c973709cb706df42141d85

    • SHA256

      4d50a06d7f04fe32378fa237a9c0ea3b352096a39115d6cd540e73ead6b3bb37

    • SHA512

      7c542e20c5a06012eb40d2ca9afbbeb95f2ac1e7039593caa5ab56687db3efb25c4a0afc4bf03447676ac082460176450007cba86c317e0593fccce716633521

    • SSDEEP

      3072:MTogwY4zUvyhAI0o89AO/JuT5FcPUHU6ULUu+slUv:4CrzUKhN0o8zJuT50WU3yslG

    Score
    1/10
    behavioral12

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3desn.chm

    • Size

      169KB

    • MD5

      73bfe0abbe2128c47ead3c96521a9d70

    • SHA1

      9780c4442a36f716be7b2da42068a7aa8f2d9356

    • SHA256

      78ea2fedd3ef6b2847b59a8d98b371cf82ad728bac19c740a654d1e5b733cc43

    • SHA512

      990b0c741a7166863fa966df7bcbc932d1e2925700e6e13f9fbf2c15cbd4d862f252c599d74074227cf6563a4e0e84a0a1475d88c8cca522aac423e420cbaaf5

    • SSDEEP

      3072:7SBSORLxRgLh1GJr4pGODBnDkHNe7PEAGUSM8XT42wIhev7RDyZAROqtqCb:WEORLxmfKiZDFD9PsPrc2wIA9QLqtqk

    Score
    1/10
    behavioral13

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dfin.chm

    • Size

      164KB

    • MD5

      0efe776961d3b5d75e2f2f2054a01ec0

    • SHA1

      46b6178eec1c2503c7563c6f8b25806327ca4c12

    • SHA256

      cabc965762d678f14e2187bbcb109f2cc796d9a84b9f168cf49dae270136ad99

    • SHA512

      52a6d5a6b20838611f9c1a218e2ea28c44f3fb851fcdacc5ff0e920654bf8a224be6e2671eca6603a29b6117d07c58b05438a0dd9063a9b997e2585575659f93

    • SSDEEP

      3072:0WHIytxYXU1f+dufJeE1sQrwwX5BTihAAD/JmtEqgxm8X8U11hvJT4JuAZREcLo1:0WHIyAqCEBsbwXqhjJ+Ebxm8MULhvIun

    Score
    1/10
    behavioral14

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dfra.chm

    • Size

      171KB

    • MD5

      b7af0f0de555f26450bebdd9f971c838

    • SHA1

      96048e51d0a112c2d6049c8a0752430051bc5b93

    • SHA256

      36da94c497de59e1154391f00dc08f058dbd2b4541c182f2c0abd84021d6f72c

    • SHA512

      1c18045ed1075e22fef6cc3ca31e8736be7845111d31e42d3c2f713637e6759130c11316d95ff2086d519e791ca68e41e6ded131f5304141c642208d5814df98

    • SSDEEP

      3072:gQ1T633ivRFRqnLA82jUqWGIww/RsvZ0UHnzfvKAL6At+dBQz/9:gQ1T6Sv9qcpjUq3fw/qNKAL6AtNz/9

    Score
    1/10
    behavioral15

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dheb.chm

    • Size

      171KB

    • MD5

      60299a0e19fef09eafb629d7b292d9e8

    • SHA1

      c482d3273069d9893bfaa52f3c4021e2335c1c37

    • SHA256

      a9cde2717a6fb7eb8067cbe2546ec0c280a77cb29e78d82bad455dfb0827fe3d

    • SHA512

      49c3f8a373f09a3748c2b1be157b419b93df2ec9f4915c93795cbc9547265bf33e53ced0699dccbecd92d607b4de8c8802a75b097277090752e8f8d355f99234

    • SSDEEP

      3072:d8/BVSC1G6TLjqTUgy+XVb5t3eNv9vTkLe2z7vk41uxMp:ypVSq/qQa/38ueOkfG

    Score
    1/10
    behavioral16

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dhun.chm

    • Size

      188KB

    • MD5

      b1ba2dceefb1136bc33dad92e95d8dd0

    • SHA1

      895819132aada9a9b0f1cff3c367355f4da48d06

    • SHA256

      7fcf4826f4cc668014ed880c8d26c23ee10dbf81986d98ee322fe55014c9f01f

    • SHA512

      d9e38404f8292d03e46f98d59c503f37104cfced4b94418ec16b546eab77b3355ab189fb77f4d6b0126359fef1283ee85c26afe2518a6151f67e835dcf13d85b

    • SSDEEP

      3072:tKe6DfWgwSgT+5zhsoICPAmVBqWU5OLIE71Xc0CZHZVat+6ftwhqdaLaa9L9fgbB:tK3WgE4sob9BqjgIvTZEw6ftwh7LaIyr

    Score
    1/10
    behavioral17

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dita.chm

    • Size

      172KB

    • MD5

      046bd8e4893c7462b1384a099115398d

    • SHA1

      0fd7be5c40ea7013a44ddc3d03ac35a8a759d98c

    • SHA256

      5abffaea028628ea376512e29ef852308cbfd76e142029b93b09187cff33fa27

    • SHA512

      3a8527603b0026e1d03e54e9514e39e7470877ca790dcee34f30e6ae64de058a98c4e1bfe6891eff3ea720af787b1e988979021eacb7b15c67a6cfe1d1965bdb

    • SSDEEP

      3072:vOdDBHzoEV6ev4V1SI1/tidLAeHh/dS0xMBBhncqF3wxxQExuTQ4xd9N:vOHHzo86evY1SIWdbh/d3MBBhn3JwxxC

    Score
    1/10
    behavioral18

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3djpn.chm

    • Size

      203KB

    • MD5

      a6be1b8e22690fa1cfdcdb57a4853313

    • SHA1

      018230bddfe136ee605a09ff7df25d13f2e955e0

    • SHA256

      af6baab4f0d11af7bb470b87ba48fa75dac3eb598eae9d209f067aa46269806c

    • SHA512

      6d037ac358d80916b1084a8ef6ae7eec95f7b6ecc9ee86f1f15b8a5369609c34d430340d7a00f7f35308497d866c56964dd20726303eee55ba54ec6c7189465d

    • SSDEEP

      6144:RLNH/Bq7ZkVKpXG5qWn7Dc20ysx8s8ouHRxWbQAU8sgi:T/Ui5R3n0ysxAJbWbQAax

    Score
    1/10
    behavioral19

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dkor.chm

    • Size

      179KB

    • MD5

      32f13d4a058e08459d971cf4c4b834ea

    • SHA1

      9bcdda89048afd8e10746d19d51dcb7f30ffd142

    • SHA256

      09d6dd19f69509795d778f2fc07cdf7d427e5a037ab3eeb6663de4749f440786

    • SHA512

      09001afa28aafd64be1960ec88e6293b756a09227b93e2157acee7c72c79706d947ee86941553def66250d530d743f711b75bc5132a70877588920ddfc527800

    • SSDEEP

      3072:jeEmkWFPfZ8LLeWqRRFq1sNYN05gEiv51LKB3zcshC6W0Qf5S/aH:jeEifZ8uRPkyUESO9zcsps

    Score
    1/10
    behavioral20

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dnld.chm

    • Size

      148KB

    • MD5

      62068e078faa52511fbe356348ba3d05

    • SHA1

      cbc90d0a9eb18dac6c59e5a0bb86408beef617a7

    • SHA256

      647b8b4302b60454742676a67379a04eadbd6f4df98e2e2f0c46227525855688

    • SHA512

      415b7d664419d2caa18e8d50620fa9a8003ed2b8cba6fab457e4dbc1438496412ccc3e8a0bee8584f951ce728ea09933b4c7cf861ea7e003c2da24a5f805864c

    • SSDEEP

      3072:Z88wa2Tieo3/LBmqs6+q3cIySQBGDPm5rK1gT4ihvVcHd3UvsfzNl6H:Z88wateo3jBwW3cpSQcOWih2H9UUO

    Score
    1/10
    behavioral21

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dnor.chm

    • Size

      163KB

    • MD5

      6ecc2955227353b8682a9af8070e7554

    • SHA1

      0151c705b93145237cc72304983ad89b0fa1debf

    • SHA256

      874fc4d5f13ae6005f2d3f8a865688bd37a1976b9dab15a0391acdb38c11f836

    • SHA512

      0ed0550d3f27d9772826d23d89e42b11c9226b3963f5d4459d3e040e4ad7be5235c91163c11b0f1529c839f1f52f3991c0cb064aad3e6b941b3b9234c651d78c

    • SSDEEP

      3072:EZqVy/FXTiUD/84CDo0Opj75hCDveOGL4KkPvKpJ1aiIeJWgFJ0eazKtMoZU:EZay/FXp/JCDo0OpQ3vKf1nIekMRaXX

    Score
    1/10
    behavioral22

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dplk.chm

    • Size

      186KB

    • MD5

      d4b0b0205a1761aeafdac4215bd12d6c

    • SHA1

      43866eed07382f089dc2975c539b9fbbf18c1293

    • SHA256

      625a8d6940a6248c9d0de39a4cc410f7bae12124f7477ba60fcd966d7df4d3f4

    • SHA512

      f8cfe241a5fce6bfab8584337076a10dc613e119dd3f3a10e5c12dfa37d513566c855a619264fdaaafcda6527aba501afe26c3edad27886190d9b07cc6ede861

    • SSDEEP

      3072:lJjpwlQp+NiyzIrDIs0+M/7yiRbOhOmgh9VQNy7B/oNvph26eQLvzT+:lJ1wlQsNvIMJ/eqZmg6Ny7GNvph2pQLO

    Score
    1/10
    behavioral23

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dptb.chm

    • Size

      168KB

    • MD5

      673fcda96a7235fae29477953ec062e7

    • SHA1

      25cec04c806e545d16d991cf39e3eb9803733a38

    • SHA256

      a9bc055d779feba6a17a7949a9d08e4acc479c21b226a972dc32d33404977118

    • SHA512

      b0f750429ddcd2e56cb7a3cd27549b32798c3df757a783032ab4b18c10a5cfe05a41003841f33e848c3bbbb340c54169a73543e463a091b198e4cc8b81969fab

    • SSDEEP

      3072:rpraXkRe0CxhMBq+RaitUoeqgCbi/gtmIqMrJ9LX6xvVgJ:rpako/xaWweqM/gEI17KxmJ

    Score
    1/10
    behavioral24

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dptg.chm

    • Size

      175KB

    • MD5

      c663c3519d4816719f0e7bb7af3496c6

    • SHA1

      7e1b7e218815470afa44a5a93f9d60fa2f0cd2ca

    • SHA256

      a8aa823a4888236f84a44e130a1e30ce847b0c9cdc35ce884d4e41270ca0eb8b

    • SHA512

      826ec6bfe702dd062f5e9a85d436ce1dd9903af8314b5e9736d9bb56744f9d237269b052a299844e9e3e823afe2af95f3ae5849649bbea606c56219d2a183b8d

    • SSDEEP

      3072:KTITtT0dYRK/v1dP5zNy+o/8v1Lz809z8Ssos6vmaakFmd0nc5rSr0/37b+7nxWY:KTITud7P5zC/8v13ODlzaal0nc58vVWY

    Score
    1/10
    behavioral25

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3drus.chm

    • Size

      177KB

    • MD5

      d91bf2f4b5c56e55d15b058f96497dff

    • SHA1

      54d989e874a82a0766f12bfbcc82a0535ecf6933

    • SHA256

      135393c2a6bcfe3fa8eb18d6202292a1a2c4b0ce85135043c2f7ffcf11d69ad1

    • SHA512

      3cc58fc1fb32de2ff3443ae6cde14d94e29bd1c0ac8e7aae33dbb72ca605d63a454964e122375c97ad3bf88bc08747f29b4ce76f90b4ce1f268c5a6515caa647

    • SSDEEP

      3072:I58P6IQKMteI4iLICk26F8IeS+oqAFgZSbqO7viupueZJ9IzuEuIlzBQNMa5C1PM:I58PQKMTn5k18IMoB1q2v1jn+uFIJ2ND

    Score
    1/10
    behavioral26

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dsky.chm

    • Size

      189KB

    • MD5

      1802d7a3a1b46033b51a66c8bd99d7f4

    • SHA1

      f311165887bf103692d432fe779b41fc70bb07b8

    • SHA256

      1ff297e3d0eaf8838f55d790893abd702da75c0720d7be3ca821ed0698fe5b46

    • SHA512

      118c57d82757dace1e5c2048ece46e3912f8e0c03408fa1e5dfdc357869694750b97663a6e419c0e932d49490e356b436bd4eaa9fbbf35c76014dc599c816171

    • SSDEEP

      3072:a3dvXu/PA6ziMeezGLoFQE5LQqLr5jA+9tjEL/bvup9t8cxir2j0hkVM:a3Z+zzEGGS2qR/9tjEbM8gMgM

    Score
    1/10
    behavioral27

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dslv.chm

    • Size

      168KB

    • MD5

      92dfe1e958d0ba7a31bf74ddca004547

    • SHA1

      964a14c7824bb8ff35f14b1913d21a4414755ed8

    • SHA256

      d5e7ec5a5f7902a759c7f33b8ff7520721227c093f07a3ee2229121e52119442

    • SHA512

      e08159145f0121d8bc78d3ccf11b5b6075c83763a784d3dd6c874518f934501534885c4ab0889cb0056f28475d8d1e9f1f6cdf3cab8cf4f5bfac72a4f86411b4

    • SSDEEP

      3072:MteImYF616lJkqBVEZiyJYZD5MKRt9PJt5f/L8Kme+eQ8UPhkhNYAu4intiyYl7L:m7mYF3UqBWZalqoPJHAfhkoA9xDln

    Score
    1/10
    behavioral28

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dsve.chm

    • Size

      169KB

    • MD5

      fd8972745704381fbac7a6897daffbf2

    • SHA1

      89eb8d1f623d6ffb3e71ac819e423ccde16f8177

    • SHA256

      65be7626e85c1cfe615ad17f00acb04e518002d70303bccb1fe0dee9ae0f46a0

    • SHA512

      54806ac04ec875ce0328ef3cd02b6a990043a61eb76091f0fa8c77833e9d2ada2b4e56a1b94b0674d3be40bdb31d1fef77a67af4d2549a0afef5b19f426f7938

    • SSDEEP

      3072:g/yjPBwEDuf7qNO43ev4hpQ9huUF+AWruVlYOMUai8FtaO/RQJHArjFF4z4gqqK:g/ldzq0dXhuUnWGos8FtaQR0HArJKzI

    Score
    1/10
    behavioral29

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dtha.chm

    • Size

      191KB

    • MD5

      74d454f97fc5211bcbb15106ad7d1dbd

    • SHA1

      089642b332f75d1b1a53dfe61a398d2f2bdc7483

    • SHA256

      2b1d0e3de6706dbe310cb30a642b9d669758f87338a1c096ffe9ff6f41bcc17a

    • SHA512

      3764361c9be53d3326e149f3f4feca5a1d53ed8d5f065dea8282dfab2cfef0188be994f84391fec3d5e95ed2272bd474f5f2b8e586090afa3eeb1a956ca49b28

    • SSDEEP

      3072:XmjzhoquR1iJ5E54XwXGaTtNnF/NPu/JM+RVLycnYIchp7X/d9SjwzsFu4dQgq:XmjVoqzm1Pu/W2VL9n+/R9E3Qgq

    Score
    1/10
    behavioral30

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nv3dtrk.chm

    • Size

      165KB

    • MD5

      fb0f06de3a0fba223fde39137f516fb1

    • SHA1

      0b7421331e3518d1a8c1ace1d47b4629f48161ff

    • SHA256

      9d9be76906a468a0ac675a444aeba268d755d9dc522f2667345c57c5ed0accf2

    • SHA512

      f7bc36ac0700d10aa80a6b6ba77558382f57229f6d7f560d5aa1fa6ed0d690eff86763337207601bfffbdb762cc4e5abb0c76c4a77d9ccd57bd27c99a1b42643

    • SSDEEP

      3072:wHZZXL16Ypo2/SubaeMovV/6axh56Zt9/waUbpntIR1JjMGsE/TfeWlAFNK4BxHT:wHZZRdo2/SubaBovV/JB6ZT/wvtIBdsD

    Score
    1/10
    behavioral31

    • Target

      Аdоbе Асtivаtоr/Help/Windows/nvcpl/nvcpl.chm

    • Size

      130KB

    • MD5

      8c46e168c5c04410c039917f37f4b7d6

    • SHA1

      de9c3a5a4ed3ddad765e2243381e8413846a87ac

    • SHA256

      5274f8740ede13ab0132b8552efa195407577db7e8f785a56d60d0aa64b3f067

    • SHA512

      ba930f3573947bceb87fe7b7ca58a5af1b7f0c466a6b12543af5fe71f45a352da0d3e58f469b2681e6d2ecf923a96647f3dabfafcb66537d6a6ef4e0dc4317e8

    • SSDEEP

      3072:WhrcemGg8C3jfzGOZDq/wIjjTdG2YwqfVYX4qVJb+eyZNTN/:06NFT7NY/lNGhTqoqVJbHyzF

    Score
    1/10
    behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

ploutus
Score
10/10

behavioral1

lummastealer
Score
10/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10