General
Target: 383dc98d03038d2374701a5bfa5d8c0a.exe
Size: 512KB
Sample: 240707-tsg8dsxele
MD5: 383dc98d03038d2374701a5bfa5d8c0a
SHA1: e7fb6995ef4ea1b28f9527c96321452ac59686e1
SHA256: 48a4712ae782ae16698b8a85c74dcb790e610c5a31c746319fb1d30e0e3c6096
SHA512: b846e728ec92a77af8b2a822c970646170951254dbd9ec5332191dc7d4b1fd15708e4850912049a772e4af1992fe2658ae3af49a377fb2172eb588fe8c6baff2
SSDEEP: 12288:6oZruugE3QDpUibhyJMu5ZkffXdBssjWCxj+x:6oZCugEA9rS5Z8fXdjWN
Static task: static1
Behavioral task: behavioral1
Sample: 383dc98d03038d2374701a5bfa5d8c0a.exe
Resource: win7-20240704-en
Malware Config
Extracted
lumma
https://benchillppwo.shop/api
Targets
Target: 383dc98d03038d2374701a5bfa5d8c0a.exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-