General
-
Target
a173db1e8568fc4b00f326d52af0fea19c59639c486d9975589edfd8f1a11da1.exe
-
Size
8.3MB
-
Sample
240705-b3abeszalk
-
MD5
9cc0e7d568d15f8f23b06c68ad71be62
-
SHA1
d7b6c018c99448014fe6199244956eafb69405d3
-
SHA256
a173db1e8568fc4b00f326d52af0fea19c59639c486d9975589edfd8f1a11da1
-
SHA512
2483ecb55bd3f126e6229d6dd19a6325430fed845a92294851b3915523a2df4f58fc253a9bedb22841c7c21c3ae54721d940b9cd0b652217a7482205d48dea45
-
SSDEEP
49152:m5N3NXi7s9xkBT9zBalvjBcnSUfTfXVguobKavEeWL7jC5EEfXckQcnt1Ng8Gs8a:ZsrQ9QefrXVgNGkNEEfX2Hc
Static task
static1
Behavioral task
behavioral1
Sample
a173db1e8568fc4b00f326d52af0fea19c59639c486d9975589edfd8f1a11da1.exe
Resource
win7-20240220-en
Malware Config
Extracted
lumma
https://lyingchemicow.shop/api
Targets
-
-
Target
a173db1e8568fc4b00f326d52af0fea19c59639c486d9975589edfd8f1a11da1.exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-