General
Target: Setup.exe
Size: 531KB
Sample: 240705-yjrspathpr
MD5: b1479bd80cbfea3cb5db91c52bba0615
SHA1: 5669b797bd023efbc6f1e6823a9b1b98f4031ad3
SHA256: 1dda11a1f85b968ac0cf7b71f31956839690a7134069fe6073062021d53b5023
SHA512: 3bd87b7deb5cad4f4a89ea366ce6f8c23eb5a5d2f0c079c1d97b9d3a5b98e83e5396f0af1b3cd435fb75d195284856369e7811e5462a2b8f1bc9b55ec7b86f61
SSDEEP: 12288:+egSWmZ6T5wsKyrrSJSPu4sVDOcotJTGX9w32tsh:+ejFZgtESPuFaU9wGts
Static task: static1
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20240705-en
Malware Config
Extracted: lumma
https://bitchsafettyudjwu.shop/api
Targets
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext