Overview: score 10/10
Static: score 1/10
Data2.zip (windows7-x64): score 1/10
Data2.zip (windows10-2004-x64): score 1/10
hv.exe (windows7-x64): score 5/10
hv.exe (windows10-2004-x64): score 10/10
iepdf32.dll (windows7-x64): score 3/10
iepdf32.dll (windows10-2004-x64): score 3/10
rhombohedron.ai (windows7-x64): score 3/10
rhombohedron.ai (windows10-2004-x64): score 3/10
shovelnose.deb (windows7-x64): score 3/10
shovelnose.deb (windows10-2004-x64): score 3/10

General
Target: Data2.zip
Size: 7.0MB
Sample: 240612-hhtmwstblj

Static task: static1
Behavioral task: behavioral1 (Sample: Data2.zip, Resource: win7-20240508-en)
Behavioral task: behavioral2 (Sample: Data2.zip, Resource: win10v2004-20240508-en)
Behavioral task: behavioral3 (Sample: hv.exe, Resource: win7-20231129-en)
Behavioral task: behavioral4 (Sample: hv.exe, Resource: win10v2004-20240611-en)
Behavioral task: behavioral5 (Sample: iepdf32.dll, Resource: win7-20240419-en)
Behavioral task: behavioral6 (Sample: iepdf32.dll, Resource: win10v2004-20240611-en)
Behavioral task: behavioral7 (Sample: rhombohedron.ai, Resource: win7-20240221-en)
Behavioral task: behavioral8 (Sample: rhombohedron.ai, Resource: win10v2004-20240508-en)
Behavioral task: behavioral9 (Sample: shovelnose.deb, Resource: win7-20240508-en)
Behavioral task: behavioral10 (Sample: shovelnose.deb, Resource: win10v2004-20240508-en)

Malware Config
Extracted
lumma
Targets

Target: Data2.zip
Size: 7.0MB
Score: 1/10

Target: hv.exe
Size: 8.7MB
Suspicious use of SetThreadContext

Target: iepdf32.dll
Size: 4.3MB
Score: 3/10

Target: rhombohedron.ai
Size: 59KB
Score: 3/10

Target: shovelnose.deb
Size: 827KB
Score: 3/10