General
Target: infected.zip
Size: 3.1MB
Sample: 240707-j8v43sxfnk
MD5: 044829832c0d67a5f0e1f79316f1f039
SHA1: 3694184da2e567fc594ececc5308785265eb446a
SHA256: ade756d0226cb83732da91e85456c095fdc355b75879cd68cc92d6da2efe71a3
SHA512: 2805d2edb568146a3fd385041da7da3db5844b473fb1ede1c0538c1ae668ddd0e03e25d43053b17c5f518a90bb81fd39363a67be6500640c9eff671c50cb0fc9
SSDEEP: 98304:OUvyeWwNyFUoWArXafuo8eX7x+6celDlMhPS:OcXHNyFUobrXzzeL06cUk6
Static task: static1
Behavioral task: behavioral1 (Sample: infected.zip, Resource: win10v2004-20240704-en)
Behavioral task: behavioral2 (Sample: infected.zip, Resource: win11-20240704-en)
Malware Config
Extracted: lumma
https://bittercoldzzdwu.shop/api
Targets
Target: infected.zip (Size: 3.1MB; hashes identical to those listed under General)
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext