General
Target: KFlauncher.exe.vir
Size: 551KB
Sample: 240707-phd1rssapn
MD5: 101219048ce6d73fb8a92a731c2f6546
SHA1: 92d846e64c8d57e4db2f118e09c3fe46e67bc4b3
SHA256: 53aa6c3c439042df9157823b07c3c2b4e8e39c6090b6f9558e22837eac5f7411
SHA512: 79853dfaed89cc120aae0e618f9a867e8b98e60b54dfce5aa86e93605edb0f66b0d666cea64c816b4dd57b7e1902ddd3aaa0a318f2e7541828e6e054c3354c6d
SSDEEP: 12288:C0P9EDfkdB92gdknOAuSoETAHOrQNUyqR0w2pkNJ5sAx:C0PyDfkHMgKfuA0HOrq4R6qJ7
Static task
static1
Behavioral task
behavioral1
Sample
KFlauncher.exe
Resource
win7-20240705-en
Malware Config
Extracted
lumma
https://piedsiggnycliquieaw.shop/api
Targets
Target
KFlauncher.exe.vir
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext