Overview
overview: score 10
Static
static: score 3
Debugs/AlphaFS.dll (windows7-x64): score 1
Debugs/AlphaFS.dll (windows10-2004-x64): score 1
Debugs/License.dll (windows7-x64): score 1
Debugs/License.dll (windows10-2004-x64): score 1
Debugs/New...on.dll (windows7-x64): score 1
Debugs/New...on.dll (windows10-2004-x64): score 1
Debugs/Ver...le.dll (windows7-x64): score 1
Debugs/Ver...le.dll (windows10-2004-x64): score 1
ErrorLog/D...1].exe (windows7-x64): score 1
ErrorLog/D...1].exe (windows10-2004-x64): score 1
Libs/Extreme.Net.dll (windows7-x64): score 1
Libs/Extreme.Net.dll (windows10-2004-x64): score 1
Libs/Injecting.dll (windows7-x64): score 1
Libs/Injecting.dll (windows10-2004-x64): score 1
Libs/libEGL.dll (windows7-x64): score 1
Libs/libEGL.dll (windows10-2004-x64): score 3
Libs/libgc...-1.dll (windows7-x64): score 3
Libs/libgc...-1.dll (windows10-2004-x64): score 3
Setup.exe (windows7-x64): score 1
Setup.exe (windows10-2004-x64): score 10
caret.xls (windows7-x64): score 1
caret.xls (windows10-2004-x64): score 1
msedge_elf.dll (windows7-x64): score 1
msedge_elf.dll (windows10-2004-x64): score 1
test.asp (windows7-x64): score 3
test.asp (windows10-2004-x64): score 3
General
-
Target
#!SetUp_54812--!PassW0rdz#$$.zip
-
Size
3.2MB
-
Sample
240705-t52skathje
-
MD5
d547ec96909be8ede7fabbe20aeb1654
-
SHA1
bceb60e5e6665a28c3778ddc749982f9961f76bb
-
SHA256
f2a58ed8611cf24c04250433ded7715a5a1fa124ebfb68e04513c90e083e4c4f
-
SHA512
06000325144d85c037f7ea6ffd4f5b21fb270100544f3ae806e421ee780b2831257369091f9abb32374797d89e3d5f950f9a8e195094376e5efdcfc289f298cc
-
SSDEEP
49152:7Zplo0azpelfldxqV7vNYvysYE6pzRUhiJO77wMlFOGDaR/BIIcBTaLLCKiFpAvC:l8HEhld8JvNYBYD5J4UMlwGS4JiC5avC
Static task
static1
Behavioral task
behavioral1
Sample
Debugs/AlphaFS.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
Debugs/AlphaFS.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
Debugs/License.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
Debugs/License.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
Debugs/Newtonsoft.Json.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
Debugs/Newtonsoft.Json.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral7
Sample
Debugs/VersionStable.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
Debugs/VersionStable.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral9
Sample
ErrorLog/DirectoryMonitor_[1MB]_[1].exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
ErrorLog/DirectoryMonitor_[1MB]_[1].exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral11
Sample
Libs/Extreme.Net.dll
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
Libs/Extreme.Net.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral13
Sample
Libs/Injecting.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
Libs/Injecting.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral15
Sample
Libs/libEGL.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
Libs/libEGL.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral17
Sample
Libs/libgcc_s_dw2-1.dll
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
Libs/libgcc_s_dw2-1.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral19
Sample
Setup.exe
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
Setup.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral21
Sample
caret.xls
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
caret.xls
Resource
win10v2004-20240704-en
Behavioral task
behavioral23
Sample
msedge_elf.dll
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
msedge_elf.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral25
Sample
test.asp
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
test.asp
Resource
win10v2004-20240704-en
Malware Config
Extracted
lumma
https://unwielldyzpwo.shop/api
Targets
-
-
Target
Debugs/AlphaFS.dll
-
Size
359KB
-
MD5
f2f6f6798d306d6d7df4267434b5c5f9
-
SHA1
23be62c4f33fc89563defa20e43453b7cdfc9d28
-
SHA256
837f2ceab6bbd9bc4bf076f1cb90b3158191888c3055dd2b78a1e23f1c3aafdd
-
SHA512
1f0c52e1d6e27382599c91ebd5e58df387c6f759d755533e36688b402417101c0eb1d6812e523d23048e0d03548fd0985a3fd7f96c66625c6299b1537c872211
-
SSDEEP
6144:QDyJst+jyCnzLp9hvHsPvPvPvS2JQvlojidPp:QDyJsvCnzZf4U1d
-
Score
1/10
-
-
Target
Debugs/License.dll
-
Size
5B
-
MD5
b08a5c34cf0a06615da2ca89010d8b4f
-
SHA1
626a77d86d9d12d1772f788cf67c8e77fd9f797a
-
SHA256
04cc5b3b49a7e9e9b6c66c7be59a20992bf2653746b5d43829c383fb233f88fa
-
SHA512
5dce742cd0f649461b08f8f8018e0fa39ef19e813a74a91f434a15754a4fa8be83096e8fa49cf1828ac011220b7ad3724e7e4ea9cce7937a3168169d8e561b2c
-
Score
1/10
-
-
Target
Debugs/Newtonsoft.Json.dll
-
Size
695KB
-
MD5
715a1fbee4665e99e859eda667fe8034
-
SHA1
e13c6e4210043c4976dcdc447ea2b32854f70cc6
-
SHA256
c5c83bbc1741be6ff4c490c0aee34c162945423ec577c646538b2d21ce13199e
-
SHA512
bf9744ccb20f8205b2de39dbe79d34497b4d5c19b353d0f95e87ea7ef7fa1784aea87e10efcef11e4c90451eaa47a379204eb0533aa3018e378dd3511ce0e8ad
-
SSDEEP
12288:WBARJBRZl/j1TbQ7n5WLm4k0X57ZYrgNHgK9C1BSjRlXP36RMGy1NqTU+:WBA/ZTvQD0XY0AJBSjRlXP36RMG7
-
Score
1/10
-
-
Target
Debugs/VersionStable.dll
-
Size
154KB
-
MD5
256b4899fe0539473d7822b59c5c7651
-
SHA1
77e43ff036d3b98b248fd6e9d8cf92933db3a1d5
-
SHA256
1679ba211343d60e039a51c0aeb921081fad2a3466645a958da5baa2eeea8d83
-
SHA512
a43c622715e4beb33f9829deb48e3b4165e6d81d00186d01cda4f8347bc9a944c3d074c7eeed6ac527438f1d414870938ae4ec57486cb1b8c828c5a46f1e8378
-
SSDEEP
3072:IXKxDMTm+vt0BGlsvXqW9OxZ6BQTsLaEtF+rdmLvejb:ejm+vtOGWvaWArEtQNb
-
Score
1/10
-
-
Target
ErrorLog/DirectoryMonitor_[1MB]_[1].exe
-
Size
1.9MB
-
MD5
76067380db217854920c9652e6276ae1
-
SHA1
10442a38db18218953418b84bb8684a3fa399312
-
SHA256
d74373f86c366409db3392258b552e35477ffd47d968d094abad170663193fc6
-
SHA512
91a42d2196b42515132ccdbc40dec46396995d80da5a44eded2d16fe4350c50a68a2556a80acdccef823bc233b4fa5a88a6423748e9fea2e23795339795857f9
-
SSDEEP
12288:hc6VJx4LOQyQLkoCPs+b4H4APA60jEcflSIQZXDVrZLpYHT:hhJxPQySCod3c8pZzhnYHT
-
Score
1/10
-
-
Target
Libs/Extreme.Net.dll
-
Size
121KB
-
MD5
f79f0e3a0361cac000e2d3553753cd68
-
SHA1
4314bcef76fddc9379a8f3a266b37d685d0adb79
-
SHA256
8a6518ab7419fbec3ac9875baa3afb410ad1398c7aa622a09cd9084ec6cadfcd
-
SHA512
c77516e7f5540ecd13fa5d8cecfce34629acecd9b5a445f5f48902c9e823328fa9a6694ecaa39f5b6053de61c2b850c2d87df25357548afaad6ec37eb3e5e355
-
SSDEEP
3072:bdoECIgjBibgp2tBqL0Y++ruXqMG4ih3lbpMqc:bdoECIgUrG
-
Score
1/10
-
-
Target
Libs/Injecting.dll
-
Size
507KB
-
MD5
da2b07289f9853d57b19a5299e0e763f
-
SHA1
9f38aa225429081b1a25100177b05dee8cd0a02a
-
SHA256
1d65ed9e476136a6608c7547539cea5b5c888b177ca93aeaa67b2466ada3982a
-
SHA512
466cb7b1e19ac5ebb4c1186bfb74b95ae8b21f621cbd538060c45df1d62520f9b03bad9ce19c30143ad1b04d47bcb1d4235c8d519647ecbcd6ec13b2cf5ddd69
-
SSDEEP
12288:Md+At7LVue0pEt/g+mKCPVIHM9uSLllGKV:M0CiQXmPdIHofwE
-
Score
1/10
-
-
Target
Libs/libEGL.dll
-
Size
258KB
-
MD5
3abaa006e1842b5a3cbed2a41476cae8
-
SHA1
717f3cf9e7c07073f41841cd7fa9858b76265b33
-
SHA256
a96cdb651c862120489b30b40a716c3f20b772ac4ba8fc70aaccbb1a568005f2
-
SHA512
84fa2bf370797c7ad2e63287b6e4bb785a88871830ad261ae38afb05cf8bac574f68539bdc0327c3c254a49e52c7da28bc0ee748db99b2f82ca86b08d9f18735
-
SSDEEP
6144:O1w9H8OGFO/vqX/PSOW8ijs9z6Y1gpAOs+4uL68:O1aUFO/vqX/Pz2sb1gpjzv
-
Score
3/10
-
-
Target
Libs/libgcc_s_dw2-1.dll
-
Size
153KB
-
MD5
49e51045f2951fd248318ac9f1ccb18e
-
SHA1
7a09bfa925fb2703bba5b26ddeae1ec7e3a481fb
-
SHA256
73b563935d96d328d5e13d05ddc35f24b69237e4c4b7b183ee66aeeb3ccd9c16
-
SHA512
df00015514bbcdd6d0ff9c38485ee65d7700fb7cadd4327d12230d63f078da5e9aa5fd11aec9f8c741bdf7c84c84c38543af1f71ebc12a4477415e2c5ab9deda
-
SSDEEP
3072:kBWuZL07xXI4ZUgZ/aAD4uQWh3C56jn/KutS8t/6aqDDNYt0c:Sw9Y4GVAD40h3f/KutSgGk
-
Score
3/10
-
-
Target
Setup.exe
-
Size
1.1MB
-
MD5
f975a2d83d63a473fa2fc5206b66bb79
-
SHA1
e49d21f112ab27ae0953aff30ae122440cf164b9
-
SHA256
6a2d3876003f6c68f824df4f0033564d8c230716908ba2e6c06ea1dd6d5f98e8
-
SHA512
4af4ce56bf131432d488ed112f8858c1e1392d013c6ac0603f2fd70ed513091e35854c0f678efeab7fa9a551517c6b9698f40a92729112de4b852fa3c0c69d64
-
SSDEEP
12288:IbCylcTVPbi7vT1K7n6HpVkg8KHIo5u0K1VmMxEnbuvuY2jTU+LHMA+nk2oG1ts:4lcTVPbikTMkg8KH/mmMxnvfphx8
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-
-
-
Target
caret.xls
-
Size
779KB
-
MD5
4d4b5ccd0ff38d099e68792ee07c4a99
-
SHA1
f529d6bb59e1edd6ee57b7ceca20afaa2272d157
-
SHA256
90b7b1dbc330af1f1d80403bacb25b46506b666aa9182fef90aaec5d612507a7
-
SHA512
b8113fef6c0e7dea4ad6615fa0a451e72f481d72691d9f4001196be7784df8620ea8b7c00456a546204e0540580eaa13a4bb7ed18ef90ba7a7022682573484f6
-
SSDEEP
24576:77Z3f25EtWkLrj3JbYNkORIyRJ505UJ3z1lyhgG:puqJbMkU05UJDGhv
-
Score
1/10
-
-
Target
msedge_elf.dll
-
Size
3.9MB
-
MD5
b37d0df4c44e4e1e9502f6b90adbd73d
-
SHA1
2164d4fd7184f2ed4ebb225f2ea36b84c001f7ee
-
SHA256
0b16174a0a47cfcabf5dd427e56355b806467ac3284d5d55f66aa19fbcf91e92
-
SHA512
f5fbb1d506835a4cedd2843a7ff1e1b750ad0c147730e9de521de0c1b67cece4ded32ea0bf153341f9fe6630febb7af785b117d4c49fdfe01e65a18fc450a265
-
SSDEEP
49152:dB3FRoUiZNneKuALVm76f7qOlTVhX9TbvIyULS9j3vZ90tXq+iarIQKf8klU4AXv:7izZu69kO9j/itKUka
-
Score
1/10
-
-
Target
test.asp
-
Size
53KB
-
MD5
012206c2a828f8687db2a3e5e878068f
-
SHA1
ee75d067cebca73b982546e1d4c7c7cf32569e8a
-
SHA256
42f229a1430516ca02825a0b8ead2aa296c1a1cd7e1b41165d918e6657fe4ac4
-
SHA512
8a0c894cdf75f675b692a3e5fd0db278536c7b8044490fd1a83b47ca606996d9d36190017f33ff9874e0223dd6e2dbb9f5173c870d501e0ae57fbc2bb6ca323b
-
SSDEEP
768:3N8JIZSJ8vzKXwLldvfFBG+2WXT750jbo7i/mogJFQHEb7KJbvWOzh8S9Dj9qOYG:xhLKgbv350YWaSHWHOF8S9Dj9xDUJvM
-
Score
3/10