Overview
General
Target: Alumina_2.zip
Size: 13.3MB
Sample: 240609-zg53zafd72
Behavioral task behavioral1: Sample Alumina.exe, Resource win7-20240508-en
Behavioral task behavioral2: Sample Alumina.exe, Resource win10v2004-20240426-en
Behavioral task behavioral3: Sample Alumina.exe, Resource win7-20240419-en
Behavioral task behavioral4: Sample Alumina.exe, Resource win10v2004-20240508-en
Behavioral task behavioral5: Sample CrystalAPI.dll, Resource win7-20240221-en
Behavioral task behavioral6: Sample CrystalAPI.dll, Resource win10v2004-20240508-en
Behavioral task behavioral7: Sample ICSharpCode.AvalonEdit.dll, Resource win7-20240221-en
Behavioral task behavioral8: Sample ICSharpCode.AvalonEdit.dll, Resource win10v2004-20240226-en
Behavioral task behavioral9: Sample IronPython.Modules.dll, Resource win7-20231129-en
Behavioral task behavioral10: Sample IronPython.Modules.dll, Resource win10v2004-20240508-en
Behavioral task behavioral11: Sample IronPython.SQLite.dll, Resource win7-20240221-en
Behavioral task behavioral12: Sample IronPython.SQLite.dll, Resource win10v2004-20240426-en
Behavioral task behavioral13: Sample IronPython.Wpf.dll, Resource win7-20240419-en
Behavioral task behavioral14: Sample IronPython.Wpf.dll, Resource win10v2004-20240426-en
Behavioral task behavioral15: Sample IronPython.dll, Resource win7-20240508-en
Behavioral task behavioral16: Sample IronPython.dll, Resource win10v2004-20240508-en
Behavioral task behavioral17: Sample Microsoft.Dynamic.dll, Resource win7-20240220-en
Behavioral task behavioral18: Sample Microsoft.Dynamic.dll, Resource win10v2004-20240508-en
Behavioral task behavioral19: Sample Microsoft.Scripting.Metadata.dll, Resource win7-20240215-en
Behavioral task behavioral20: Sample Microsoft.Scripting.Metadata.dll, Resource win10v2004-20240508-en
Behavioral task behavioral21: Sample Microsoft.Scripting.dll, Resource win7-20240508-en
Behavioral task behavioral22: Sample Microsoft.Scripting.dll, Resource win10v2004-20240508-en
Behavioral task behavioral23: Sample Microsoft.Web.WebView2.Core.dll, Resource win7-20240508-en
Behavioral task behavioral24: Sample Microsoft.Web.WebView2.Core.dll, Resource win10v2004-20240426-en
Behavioral task behavioral25: Sample Microsoft.Web.WebView2.WinForms.dll, Resource win7-20240220-en
Behavioral task behavioral26: Sample Microsoft.Web.WebView2.WinForms.dll, Resource win10v2004-20240226-en
Behavioral task behavioral27: Sample Microsoft.Web.WebView2.Wpf.dll, Resource win7-20240221-en
Behavioral task behavioral28: Sample Microsoft.Web.WebView2.Wpf.dll, Resource win10v2004-20240426-en
Behavioral task behavioral29: Sample Mono.Unix.dll, Resource win7-20240221-en
Behavioral task behavioral30: Sample Mono.Unix.dll, Resource win10v2004-20240508-en
Behavioral task behavioral31: Sample Newtonsoft.Json.dll, Resource win7-20240508-en
Behavioral task behavioral32: Sample Newtonsoft.Json.dll, Resource win10v2004-20240508-en
Malware Config
Targets
Target: Alumina.dll
Size: 33KB
Score: 1/10

Target: Alumina.exe
Size: 137KB
Score: 1/10

Target: CrystalAPI.dll
Size: 54KB
Score: 1/10

Target: ICSharpCode.AvalonEdit.dll
Size: 607KB
Score: 1/10

Target: IronPython.Modules.dll
Size: 779KB
Score: 1/10

Target: IronPython.SQLite.dll
Size: 622KB
Score: 1/10

Target: IronPython.Wpf.dll
Size: 10KB
Score: 1/10

Target: IronPython.dll
Size: 2.1MB
Score: 1/10

Target: Microsoft.Dynamic.dll
Size: 814KB
Score: 1/10

Target: Microsoft.Scripting.Metadata.dll
Size: 87KB
Score: 1/10

Target: Microsoft.Scripting.dll
Size: 133KB
Score: 1/10

Target: Microsoft.Web.WebView2.Core.dll
Size: 488KB
Score: 1/10

Target: Microsoft.Web.WebView2.WinForms.dll
Size: 37KB
Score: 1/10

Target: Microsoft.Web.WebView2.Wpf.dll
Size: 43KB
Score: 1/10

Target: Mono.Unix.dll
Size: 185KB
Score: 1/10

Target: Newtonsoft.Json.dll
Size: 695KB
Score: 1/10