General
Target: 1d19a11b77dccb759dd86f9d0481bc144ea353118865ac8476be21733af1678b
Size: 565KB
Sample: 240704-x6z7xaxcph
MD5: efdc51a044c4265b8623d212737a4b84
SHA1: b26024ce65d9585070b7af5b4e7f4e3647e4be7e
SHA256: 1d19a11b77dccb759dd86f9d0481bc144ea353118865ac8476be21733af1678b
SHA512: a68a83c1054d2b1dfb43144e58ccaddc1f58468e02e2f40978c1fe9119747f737de65930ed3f500c00e9d8ae5e00e42a7a30f8e366af1e58178729536dd514e5
SSDEEP: 12288:sENv3ccWd6SUCVBsQLyfXgOKyDFzKIHB4ladY8kqqwhyvT5NkeTEWYRqWXYLlmlV:sENvMFd6xuLyfXglOpm
Static task: static1
Behavioral task: behavioral1
Sample: 1d19a11b77dccb759dd86f9d0481bc144ea353118865ac8476be21733af1678b.exe
Resource: win7-20240221-en
Malware Config
Extracted
lumma
https://bitchsafettyudjwu.shop/api
Targets
Target: 1d19a11b77dccb759dd86f9d0481bc144ea353118865ac8476be21733af1678b
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext