General
-
Target
wsltty-3.7.0.2-i686-install.exe
-
Size
2.7MB
-
Sample
240705-p45qlsydnj
-
MD5
ccf9e0111109fd964a343904a1747041
-
SHA1
cebc930117814de13b0543e7190a1f5b9bf51dcd
-
SHA256
aba457d49c99294c895f8df69714801019ad69a4931f04c7a5a9c50f0ab122a7
-
SHA512
c2e79ed166eef00afea3371f1b6c03d98669ec7bf05c967fc20fd067be07ed6fbafee23c1f2da3743a6627aa99e8c6537e824a6fdce27d05c5f95279dc930564
-
SSDEEP
49152:f99R4yDjdEns7UmYmw+j98a7TnDEJWnc3AOBwXGwcg6p8baXzGXi:1HHEns7Um9duWDEtQcwW9gDG6S
Static task
static1
Malware Config
Extracted
lumma
https://assignmentygassdyw.shop/api
Targets
-
Target
wsltty-3.7.0.2-i686-install.exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-