General
Target: TrustLauncher.exe
Size: 1.0MB
Sample: 240707-rdp9cawdld
MD5: 7b2c8c54a2fe4126f9e4e09d27a40276
SHA1: 51fbe352246530e6fd6180e5074cb3e6f18115ea
SHA256: 375d32aec3ce77b266a6bd8a56688afbdfe4c4e085122b402abef24daa75793a
SHA512: 9cfd58dce4e4e7e719fbf9048a97015a8b783439be415caa590e19f8722756f211d580bc89dc1d21d1632944300abab747f351c2ea62ca8d380ed4e1d9e26b22
SSDEEP: 24576:8uWBOMM91ykaGz1pw1s+QbdFK2cQf+27uH3l1vzgqwxOw9Gf7:lyK1y9Gz1pw1s+QBFx9+27uXl1nwxOw+
Static task: static1
Behavioral task: behavioral1 (Sample: TrustLauncher.exe, Resource: win7-20240705-en)
Behavioral task: behavioral2 (Sample: TrustLauncher.exe, Resource: win10-20240404-en)
Behavioral task: behavioral3 (Sample: TrustLauncher.exe, Resource: win10v2004-20240704-en)
Malware Config
Extracted
lumma
https://potterryisiw.shop/api
Targets
-
-
Target
TrustLauncher.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-