General
-
Target
2502f2fb88c1ea569c0b4287ae0613f3.bin
-
Size
2.5MB
-
Sample
240705-bvz7wa1fqe
-
MD5
cfcb05f31416511b29957cec2b01215e
-
SHA1
79e2a88d71a942f31ba78cefa77b365432d56efd
-
SHA256
109a657adb755ec3cd536f673f0c72061ad6fc2bd501170f4d6ff29881cfac96
-
SHA512
aec1f7b63f0d7712c560ffe5298ca35007f32f8f49574a95d3599650958b22671c381dab2b407144773d516de1277d2a17dc3570bcd9e5f54c71500129b48196
-
SSDEEP
49152:spMGjYmCw9mMGWBptishRyHHEAZAspSagfpIecOklfBXvv2aa82NL:vGjYmCwGMpDRIxjpSxpZ7e10NL
Static task
static1
Behavioral task
behavioral1
Sample
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513.exe
Resource
win7-20240611-en
Malware Config
Extracted
lumma
https://stationacutwo.shop/api
Targets
-
-
Target
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513.exe
-
Size
4.9MB
-
MD5
2502f2fb88c1ea569c0b4287ae0613f3
-
SHA1
aae526d8ce17f59366b57d5d00ab5d14140cd6b5
-
SHA256
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513
-
SHA512
7c0e3a6f8322aafa90533bcd2ff5ab2b167ef7c1c8412710c4b3a3b4643cdb0412cf93c561ce1c01a1057643bda336fd3fa64e3a7373d41cc25319d5190ca2d2
-
SSDEEP
49152:HwWM2zE1fkrLilu5l55F+QjEcEAGjz5Ep+8YTpuQynVoj28OBpclaYC4Ihign93:QWlzE1fyLi61kE7piK93
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-