General
Target: #!SetUp_51946--!PassW0rdz#$$.zip
Size: 9.3MB
Sample: 240705-2be1pszend
MD5: 524bcff50fd000f7889ae1142e65b608
SHA1: 39742864bc4bf5637d7b865026dbcc9fb39aa973
SHA256: 19c631d05e365c3334e761a9be2280b12016a7bfa5dede76062234bc36fd6767
SHA512: 4a89dcc39f32966c95e133027eb86a7ccea24ee08d6d11fd31efb32e09559e4fffb9ba186f827908bd983fcedad52de78aee4360e8afa05e645c991fdfe1fe46
SSDEEP: 196608:NHIGEKvGMdbMWOe10kqXyRUmJr75+Nycd3OJ98hZhzzkvpTRN6sXR01b/UPl:NUUK1e10k0yr5A8swekBt0sO1k

Static task: static1
Behavioral task: behavioral1 | Sample: Language/chrome_[1MB]_[1].exe | Resource: win7-20240704-en
Behavioral task: behavioral2 | Sample: Language/chrome_[1MB]_[1].exe | Resource: win10v2004-20240704-en
Behavioral task: behavioral3 | Sample: Language/en-US/AutoWorkplaceN.dll | Resource: win7-20240705-en
Behavioral task: behavioral4 | Sample: Language/en-US/AutoWorkplaceN.dll | Resource: win10v2004-20240704-en
Behavioral task: behavioral5 | Sample: Language/en-US/avicap32.dll | Resource: win7-20240508-en
Behavioral task: behavioral6 | Sample: Language/en-US/avicap32.dll | Resource: win10v2004-20240704-en
Behavioral task: behavioral7 | Sample: Setup.exe | Resource: win7-20240704-en
Behavioral task: behavioral8 | Sample: Setup.exe | Resource: win10v2004-20240704-en
Behavioral task: behavioral9 | Sample: barchan.pptx | Resource: win7-20240705-en
Behavioral task: behavioral10 | Sample: barchan.pptx | Resource: win10v2004-20240704-en
Behavioral task: behavioral11 | Sample: madHcNet32.dll | Resource: win7-20240704-en
Behavioral task: behavioral12 | Sample: madHcNet32.dll | Resource: win10v2004-20240704-en
Behavioral task: behavioral13 | Sample: mvrSettings32.dll | Resource: win7-20240704-en
Behavioral task: behavioral14 | Sample: mvrSettings32.dll | Resource: win10v2004-20240704-en
Behavioral task: behavioral15 | Sample: unrar.dll | Resource: win7-20240704-en
Behavioral task: behavioral16 | Sample: unrar.dll | Resource: win10v2004-20240704-en
Behavioral task: behavioral17 | Sample: vcruntime140.dll | Resource: win7-20240508-en
Behavioral task: behavioral18 | Sample: vcruntime140.dll | Resource: win10v2004-20240704-en

Malware Config
Extracted
lumma
https://bittercoldzzdwu.shop/api
Targets

Target: Language/chrome_[1MB]_[1].exe
Size: 1.9MB
MD5: 068cf70414b79cd8bc078497553389ed
SHA1: d9778170404ad0435ab82ebba3fb5515831dd17e
SHA256: c532ffa77b220ac54083dffb2286c526c2873131448e3a37fe29dbee6aa028b4
SHA512: 89b69a9c53530605573d7816eb625840404251e9407fa6041492fa5ad21bfe21206f2fa5bb21f4b85017c5a39daabe13f51c615f54ce08fffaeeb5556bdb45ad
SSDEEP: 49152:9b8W92V8WpGaPIgI0GW5VuwHDoTZyMB0q7ug52I8:mW08WpNPLGY4wHDoTZyMjSF
Score: 1/10

Target: Language/en-US/AutoWorkplaceN.dll.mui
Size: 2KB
MD5: a311c98e7cb3bc2c6f4ad9ca65e95810
SHA1: 481168e5c9437731ab632fcacb9c88471c008d6b
SHA256: 799cf32fc0515a4bcc0388d0d39618d9c67ee67a1c2000d7344c5a8120004e2e
SHA512: 8eefd67ab748725145db643dab47f608b66582c194e42ed412bfe31f26c36b2bd2c4e157fa1bfaa582c697de267c242e5e809be109c7ab3f61f19bd6812e416a
Score: 1/10

Target: Language/en-US/avicap32.dll.mui
Size: 8KB
MD5: a5696b2d379fb322c7ee1e18c01ca920
SHA1: 0063d4f4814d4565334b5937fd83b56287ab413a
SHA256: cb852e13a323c8e226b9bccc7786df3c55e4be16d9d63f4911ea0565ac879a9c
SHA512: 01e93385f90fd0a25d8c7da31704cf8d04596113fbc9c19199506bbb5ba978f974c65a636ea663fec0c32408a931499814f806091ef7b3d9ca59c26fa01cdabd
SSDEEP: 96:9XIEThBLwopUCfwpyIR3M7Pel5LdDzdlSjrviqEtp9JhZ47/5PYBtTdbhFYIDiqf:KKxy3M7P5vRULZ4S5HTbnWnUrTWQ
Score: 1/10

Target: Setup.exe
Size: 3.1MB
MD5: b841d408448f2a07f308ced1589e7673
SHA1: f5b5095c0ed69d42110df6d39810d12b1fa32a1e
SHA256: 69a90665113bd73b30360d87f7f6ed2c789a90a67f3b6e86474e21273a64f699
SHA512: a689734048109ab7bec9491bbb7781686c19c7885166b3ca2975e2f49e956fcc388cd8ca85a4e5a8bf9efe6056f1e0d80197b7f521d4f0d4cadb10ba9ef1fa93
SSDEEP: 49152:pvFg5qg9BtIAHE3SM4ahx6LK2SamuZob+tCjNrv8:Jm5qGBHBLRKuZfkjNrv8
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext

Target: barchan.pptx
Size: 38KB
MD5: 92eff45ae68fef7d74adde110468d5f1
SHA1: bb3ad15f03f70960374f3c495d69d26c6c9f09b9
SHA256: 0dbddf219a27ab1311e62aeb0158f95eb53bedede62cd69f065a39d73a44990a
SHA512: cd4764b69f5969eb5d26f4d17b8e15cccf4c91710a63015a6c604b4951a2bdee1772b052e2bdfa00307c65cdf3d67d40adcc05c5fc7b402edabe105cf19ff147
SSDEEP: 768:Vcub1spIlH4pwRLXoGYGUDhVqUoWONslN8CUjG/rC/dFwj/Zv5P9aQWN:SncXmWDsmj2/j/l5Ip
Score: 1/10

Target: madHcNet32.dll
Size: 921KB
MD5: d22b9da713ab36102c9c3d812af8c12d
SHA1: 371fdbf6ae6a9a2e5c0560fc94eba3290028a252
SHA256: 95b538b47e02d0ad2bd15d47efc18695d5e379ef61568b81ef405773d9c199bb
SHA512: e5ae51f79403358af60bb3ea663251badac57414813f5537d763b0b95504a393fb2d34c94c4b7328ec13f58e74a7147d3a72e63e62973c4c5d80671be1c8face
SSDEEP: 24576:TlUbWq3/gquYUJ4Vgv0eUnDaE0efxfXT95:pUR4quYUJ4VgceXE0gxfjv
Score: 3/10

Target: mvrSettings32.dll
Size: 1.0MB
MD5: d168f18b79f9f33690f011d1deb1e7cf
SHA1: cf0d984ce101ec274e65e88fae07daeb26de5a6d
SHA256: b7d3bc460a17e1b43c9ff09786e44ea4033710538bdb539400b55e5b80d0b338
SHA512: bbf085bcbc3c1c98caba95bdf48051bac18bbd1b7314c7bb55b56e3d423fb34758cc239c237091486cc466123bf02844eaac3b4435cb535af25dc2bca625af71
SSDEEP: 12288:1wsE8YWuTCipwKm3ZCdX+y0Cg57ZrVmK5UhYX5NN/u3ZeEb+LJkguVl1Y1e:XIWuFKKVuig5jZ5xX5P2bKyguJf
Score: 3/10

Target: unrar.dll
Size: 304KB
MD5: 0f20d49c6211d5995fed4de7fbce06e8
SHA1: 6ba2e1d8ac2abd6a32b7d70303f5f5a920520baa
SHA256: 458f266b1aa18a1ffc6808205fabef514a02e6a3b43047c739618bda3b49d17e
SHA512: cfda67fe02377fa7fa0bf0251fdb3cbbabafc6f1dea16ff2640679766cd673089435b28ca740009d3bca3685facd7cf3e32260356de12677a97c659ba1226064
SSDEEP: 6144:k2GkbDaKov/5qrawOZI8uN0f/UVvN3MMdZFmicMtGaGm:k2GkVo35qrawqmG/yMoPmilGa7
Score: 1/10

Target: vcruntime140.dll
Size: 94KB
MD5: 11d9ac94e8cb17bd23dea89f8e757f18
SHA1: d4fb80a512486821ad320c4fd67abcae63005158
SHA256: e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
SHA512: aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
SSDEEP: 1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
Score: 1/10