General
-
Target
d0e0173cc55e6c05976a99c9184e8e7b.bin
-
Size
3.3MB
-
Sample
240705-dstcnatenf
-
MD5
c42124848073e38e02e16c811737ec4c
-
SHA1
0db856d21321323d7978273f2b81186719ee4b76
-
SHA256
d6c072aa863f06dce76099d55d3ec2f5400b0dadc9cefa781afe190e41f948e1
-
SHA512
f74fb979d9dfccedc8fbd3db36820e077ad78946679a1d122ef600afd0834c9bc8506aba53e004459e614ac9b2fa030f0dca1349c7719d71b56a7663e6040108
-
SSDEEP
49152:1I2wBMBpEDO8tjzxesDInzFRsfP4mf15JCeVoGL7HB0RsUDmSmgT+9Q5u0y5:1I2YMBpat82eRGHAeH7B0mUDzmgTG/5
Static task
static1
Behavioral task
behavioral1
Sample
a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928.exe
Resource
win7-20240220-en
Malware Config
Extracted
lumma
https://invisibledovereats.shop/api
Targets
-
-
Target
a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928.exe
-
Size
7.1MB
-
MD5
d0e0173cc55e6c05976a99c9184e8e7b
-
SHA1
e6dff80e3fbc138669f2a00d980e56c90168b596
-
SHA256
a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
-
SHA512
ffa0cfb950354fdfa2e95fe3b0c0ac12780904658fafbb88967be5cd0a208db7ff79c22deef99b0971554348067ea652fc32dc6d36f1118d772d1caf4f43abb2
-
SSDEEP
49152:g/BXLTVIEpSDDXjDU9oAlGSQcqLMmVssAbVSrpcWPME0d0GGlzuO3NzAojj05EiT:CdnV1azs9oAuW7s2FE0/GlS1EV+s9QO
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-