General
Target: github.software.1.2.9.exe
Size: 516KB
Sample: 240706-m5gdaszcne
MD5: 0b7ef465e6ad4c6a671736f20f79e141
SHA1: ecc766f41168c898e985f5c502d000cee588d2b8
SHA256: 2a1152a8f1689bf251fbea5c21cc178537ed20a6c92f6bff63403092df23d0c9
SHA512: 6fe7dc79b5b023b9bce193c65c54a75065cd569c60492e6f08e6f23fc0865690abeb34644dc384a09eac618cfb2c09f2df74efdf4a2d733f8f60fbddb0555120
SSDEEP: 12288:D20S+N0KzL7CteqhzPQkAjY1K1mDuNuQi:G+NRat5hDQkAj
Static task: static1
Behavioral task: behavioral1
Sample: github.software.1.2.9.exe
Resource (sandbox VM image): win7-20240508-en
Malware Config
Extracted
Family: lumma
C2: https://closedjuruwk.shop/api
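The indicators above (four file hashes and one C2 URL) are what a responder would hunt with. The following is an added example, not part of the sandbox report: it hashes a candidate file against the listed digests and searches proxy log lines for the C2 host. The proxy log format, the log lines and the sample file path are constructed for the example.

```python
"""IOC matcher for the Lumma sample in this report (added example, not sandbox output)."""
import hashlib
from urllib.parse import urlparse

# Indicators copied from the report.
SAMPLE_HASHES = {
    "md5": "0b7ef465e6ad4c6a671736f20f79e141",
    "sha1": "ecc766f41168c898e985f5c502d000cee588d2b8",
    "sha256": "2a1152a8f1689bf251fbea5c21cc178537ed20a6c92f6bff63403092df23d0c9",
    "sha512": "6fe7dc79b5b023b9bce193c65c54a75065cd569c60492e6f08e6f23fc0865690"
              "abeb34644dc384a09eac618cfb2c09f2df74efdf4a2d733f8f60fbddb0555120",
}
C2_URL = "https://closedjuruwk.shop/api"
C2_HOST = urlparse(C2_URL).hostname  # "closedjuruwk.shop"

# Constructed proxy log lines: "<timestamp> <client-ip> <method> <url> <status>"
PROXY_LOG_SAMPLE = [
    "2024-07-06T10:01:02Z 10.0.0.15 GET https://github.com/ 200",
    "2024-07-06T10:01:09Z 10.0.0.15 POST https://closedjuruwk.shop/api 200",
    "2024-07-06T10:01:10Z 10.0.0.15 GET https://cdn.closedjuruwk.shop/x 200",
    "2024-07-06T10:01:11Z 10.0.0.15 GET https://closedjuruwk.shop.example.org/ 200",
    "malformed line",
]


def hash_stream(chunks) -> dict:
    """Feed an iterable of byte chunks through all four digests in one pass."""
    hashers = {alg: hashlib.new(alg) for alg in SAMPLE_HASHES}
    for block in chunks:
        for h in hashers.values():
            h.update(block)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    return hash_stream([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file from disk so large samples do not need to fit in memory."""
    with open(path, "rb") as fh:
        return hash_stream(iter(lambda: fh.read(chunk_size), b""))


def matching_algorithms(digests: dict, iocs: dict = SAMPLE_HASHES) -> set:
    """Which listed hashes does this file match? Case-insensitive, since feeds
    disagree on hex casing. An empty set means the file is not this sample."""
    return {alg for alg, value in iocs.items()
            if digests.get(alg, "").lower() == value.lower()}


def c2_hits(log_lines, c2_host: str = C2_HOST) -> list:
    """Return log lines whose destination host is the C2 domain or a subdomain.
    Matching the host rather than the full URL catches other paths on the same
    domain; the endswith check avoids matching look-alike domains that merely
    contain the C2 name."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 5:
            continue  # skip lines that do not fit the expected format
        host = urlparse(parts[3]).hostname or ""
        if host == c2_host or host.endswith("." + c2_host):
            hits.append(line)
    return hits


if __name__ == "__main__":
    for hit in c2_hits(PROXY_LOG_SAMPLE):
        print("C2 contact:", hit)
```

Run `matching_algorithms(hash_file(path))` over suspect files; a result containing all four algorithms confirms the sample, while a partial match points at a corrupted feed entry rather than a near-miss file. The SSDEEP value from the report needs the ssdeep library and is not covered here.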
Targets
Target: github.software.1.2.9.exe
Size: 516KB
Hashes: MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General above
Signatures:
- Accesses cryptocurrency files/wallets, possible credential harvesting
  Consistent with the Lumma stealer family identified in the extracted config.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall under HKLM or HKCU) to enumerate software on the system.
- Suspicious use of SetThreadContext
  SetThreadContext overwrites a thread's register state, including the instruction pointer. Outside of debuggers it is most often seen when malware redirects a suspended thread into injected code, as in process hollowing. The signature alone does not identify the target process; confirm it from the process tree.
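The "Checks installed software" signature describes a pattern that is easy to hunt for in registry telemetry: one process opening many distinct subkeys under the Uninstall key in a short span. The following is an added example, not part of the sandbox report. The telemetry records are constructed (process image, registry key opened); in practice they would come from object-access auditing with a SACL on the Uninstall keys or from EDR registry telemetry. The sample's file path and the allowlist are assumptions.

```python
"""Flag processes that walk the Uninstall registry tree (added example, not sandbox output)."""
import re
from collections import defaultdict

# Both registry hives, both spellings, and the 32-bit view on 64-bit Windows.
UNINSTALL_KEY = re.compile(
    r"^HK(?:LM|CU|EY_(?:LOCAL_MACHINE|CURRENT_USER))\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Processes expected to walk the Uninstall tree (installers, inventory agents).
# Assumption for the example; tune to the environment.
ALLOWLIST = {r"c:\windows\system32\msiexec.exe"}

SAMPLE = r"C:\Users\user\Downloads\github.software.1.2.9.exe"  # path is constructed
BASE = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
WOW = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed telemetry: (process image, registry key opened)
EVENTS = (
    [(SAMPLE, BASE)]                                              # opens the parent key first
    + [(SAMPLE, rf"{BASE}\App{i}") for i in range(1, 6)]          # then walks five subkeys
    + [(SAMPLE, rf"{WOW}\App6"), (SAMPLE, rf"{BASE}\App1\DisplayName")]  # 32-bit view, repeat
    + [(r"C:\Windows\explorer.exe", rf"{BASE}\App1")]             # one-off lookup, benign
    + [(r"C:\Windows\System32\msiexec.exe", rf"{BASE}\App{i}") for i in range(1, 8)]  # allowlisted
)


def enumerated_uninstall_entries(events) -> dict:
    """Map each process image to the set of distinct Uninstall subkeys it opened.
    The parent key and value names under a subkey do not add to the count."""
    per_proc = defaultdict(set)
    for image, key in events:
        m = UNINSTALL_KEY.match(key)
        if m:
            per_proc[image.lower()].add(m.group(1).lower())
    return per_proc


def flag_enumerators(events, threshold: int = 5, allowlist=ALLOWLIST) -> dict:
    """Processes that opened at least `threshold` distinct Uninstall subkeys and
    are not allowlisted, with their counts. A single lookup (explorer checking
    one app) stays below the bar; a full walk does not."""
    return {
        image: len(subkeys)
        for image, subkeys in enumerated_uninstall_entries(events).items()
        if len(subkeys) >= threshold and image not in allowlist
    }


if __name__ == "__main__":
    for image, count in flag_enumerators(EVENTS).items():
        print(f"{image}: enumerated {count} Uninstall entries")
```

The threshold and allowlist are the two knobs: software inventory agents and installers legitimately read every entry, so the rule is a triage signal to pair with the process tree and network indicators, not a standalone verdict.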