General
Target: Setup_Files.rar
Size: 26.9MB
Sample: 240705-qkk3ja1fqh
MD5: 798bf533016391437e08f08c09a6c80c
SHA1: 4703162579085456d83458d3b737c740413dc7f9
SHA256: 5abe9787dc4f9b261b50cc212a9ca6bb5d6be8f065ef7bcf77bac6cbb198b3ce
SHA512: ffbe03dc2df8d56b57373d15c9a4f015e26734622c2c318905c09b3ead70791a1746f4c602fc8dd792c51f4a9560e047a90f061778f1bdf93f7cba274d4e814f
SSDEEP: 786432:ZxO+At6AwOmpmAxbSbmpoOig/uixWnNqum671M6:ZBAAAG4KSbm8g/uixWn8umY1/
Static task: static1
Behavioral task: behavioral1
Sample: Setup_Files/Setup.exe
Resource: win7-20240704-en
Malware Config
Extracted
lumma
https://absentjuks.shop/api
Targets
Target: Setup_Files/Setup.exe
Size: 662.5MB
MD5: 59839dad3c13480e4f29ad32afdc8fb1
SHA1: 2d66cf175875f98784f9be66d832dee8cbad5a69
SHA256: 002f5b2aa14a46544ac266bc78a348d71480c474fd00bc01708ce1dcba1291ee
SHA512: 3ae89c0f7c0fba2f0b6f6db95abc12ba4f628a3615ae1fb4a8a402dfa7bc875890eb8c708bb68303eb9dde835572cef2ca45cdd93ff20d279525ba9b8514477e
SSDEEP: 196608:Dpcugy7TlXNdj+P64+S+rt7hOD6ZJHXg4nhVUGbP4X3bOq2JRuwt:Dpcu7k6FkAZL
Downloads MZ/PE file
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext