General
Target: WaveInstaller.exe
Size: 629KB
Sample: 240707-zbzn1azerh
MD5: 535de7c69bf1dcb0da75019378d1013c
SHA1: 86431b08e2aa7d894b24b63d79c7a0528c4aafe9
SHA256: 3a8885e171cf29f974602ae3bd8b6af640977748b131c3aaa317712884c46b4c
SHA512: 7ca6f5689fc298ea94eef82f7b21a0c51ed6d74cf5dd0d7fc3a042ed9c421f1002dd2fbeea09ff199b9d2c932d4d54d43b4b885a57107383ac090d6001ec0086
SSDEEP: 12288:qbhEv/GoncquZUEn4scjlgW9AbOFQZxuZwgOIU+At0++xs06MS6Vo1dAu/FPbACe:qbh8fcqTy45lgb
Static task: static1
Behavioral task: behavioral1
Sample: WaveInstaller.exe
Resource: win7-20240705-en
Malware Config
Extracted
lumma
https://bitchsafettyudjwu.shop/api
Targets
Target: WaveInstaller.exe
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext