Overview
overview: 10/10
Static
static: 3/10
New folder (2).zip
windows7-x64: 1/10
windows10-1703-x64: 1/10
windows10-2004-x64: 1/10
windows11-21h2-x64: 1/10
DeviceUxRes.dll
windows7-x64: 1/10
windows10-1703-x64: 1/10
windows10-2004-x64: 1/10
windows11-21h2-x64: 1/10
ProductSta...s3.dll
windows7-x64: 1/10
windows10-1703-x64: 1/10
windows10-2004-x64: 1/10
windows11-21h2-x64: 1/10
RegisterIdr.dll
windows7-x64: 1/10
windows10-1703-x64: 3/10
windows10-2004-x64: 3/10
windows11-21h2-x64: 3/10
Setup.exe
windows7-x64: 5/10
windows10-1703-x64: 10/10
windows10-2004-x64: 10/10
windows11-21h2-x64: 5/10
devenum.dll
windows7-x64: 1/10
windows10-1703-x64: 1/10
windows10-2004-x64: 1/10
windows11-21h2-x64: 1/10
dmutil.dll
windows7-x64: 1/10
windows10-1703-x64: 1/10
windows10-2004-x64: 1/10
windows11-21h2-x64: 1/10
General
-
Target
New folder (2).zip
-
Size
2.9MB
-
Sample
240710-j1a4yawelm
-
MD5
1abe265cd065a885fecb128da093ca1c
-
SHA1
685ce317f21b26120df459e3873dbc332fc278dd
-
SHA256
38cc2c12d990f830b1b7f448726cd95171d28a44e06fa39cd1d7467cc13ed199
-
SHA512
71290ea40cb3d0910f4149dd327d50226c983c96cac1410c17e4957f7c4ab2f9e3dfb2073d40e9aca9e4ed2fe8decddd6a8f9a9860d542e1e55803af312024fe
-
SSDEEP
49152:aNtO3Y5Bu20ZcpMuK14fqOX5OAuBwI9YZ7PHaXxSZamUpag2kBTgUpb0t4rrIzGS:afeY5D8cpMb14fZXduqh7PH4xYxUpE9P
Static task
static1
Behavioral task
behavioral1
Sample
New folder (2).zip
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
New folder (2).zip
Resource
win10-20240611-en
Behavioral task
behavioral3
Sample
New folder (2).zip
Resource
win10v2004-20240709-en
Behavioral task
behavioral4
Sample
New folder (2).zip
Resource
win11-20240709-en
Behavioral task
behavioral5
Sample
DeviceUxRes.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
DeviceUxRes.dll
Resource
win10-20240404-en
Behavioral task
behavioral7
Sample
DeviceUxRes.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral8
Sample
DeviceUxRes.dll
Resource
win11-20240709-en
Behavioral task
behavioral9
Sample
ProductStatistics3.dll
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
ProductStatistics3.dll
Resource
win10-20240404-en
Behavioral task
behavioral11
Sample
ProductStatistics3.dll
Resource
win10v2004-20240704-en
Behavioral task
behavioral12
Sample
ProductStatistics3.dll
Resource
win11-20240709-en
Behavioral task
behavioral13
Sample
RegisterIdr.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
RegisterIdr.dll
Resource
win10-20240611-en
Behavioral task
behavioral15
Sample
RegisterIdr.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral16
Sample
RegisterIdr.dll
Resource
win11-20240709-en
Behavioral task
behavioral17
Sample
Setup.exe
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
Setup.exe
Resource
win10-20240404-en
Behavioral task
behavioral19
Sample
Setup.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral20
Sample
Setup.exe
Resource
win11-20240709-en
Behavioral task
behavioral21
Sample
devenum.dll
Resource
win7-20240704-en
Behavioral task
behavioral22
Sample
devenum.dll
Resource
win10-20240404-en
Behavioral task
behavioral23
Sample
devenum.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral24
Sample
devenum.dll
Resource
win11-20240709-en
Behavioral task
behavioral25
Sample
dmutil.dll
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
dmutil.dll
Resource
win10-20240611-en
Behavioral task
behavioral27
Sample
dmutil.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral28
Sample
dmutil.dll
Resource
win11-20240709-en
Malware Config
Extracted
lumma
Targets
-
-
Target
New folder (2).zip
-
Size
2.9MB
Score 1/10
-
-
Target
DeviceUxRes.dll
-
Size
12KB
-
MD5
8d6369f9da2734e3cd36141d9019127e
-
SHA1
0a684b0c7b033d7c8cf45cfc3d3c341aa131c442
-
SHA256
2889091bf1caf6b87124a8cb5f2ad9b6f1ad3126d1b718b2bc5d1be6c4a20fa3
-
SHA512
8839afcda074e0c978df6a8d1d01d3321559b288c5b24c14534ea8ef68a6958e4d16417389e6670b51dc0cb6493bed26b2613931455bd7f4774e11bd46ee0505
-
SSDEEP
192:+mMk5VclaM7uWooWdaWj5DCr+s94MIL69LYxD05M5:+25VcQMqWooWdrofKLL69L8
Score 1/10
-
-
Target
ProductStatistics3.dll
-
Size
1.1MB
-
MD5
dbef14936ec14156dbf0837668240671
-
SHA1
750fba77eefe8dacff24cdfee6166814bedb9e08
-
SHA256
488bd11595256d1410afe9c5dcd04b7e66b4338bc205dd0b67f26be9b53104d7
-
SHA512
0c89542c50e89c1128eeeb3d196192d37f0b12fb8bf45fdba76e1eb30c86164123d179aef7f5cfb65a255010ddb319ebcb29ea6c68e4011b30aef4d0f5440493
-
SSDEEP
12288:fkBNeUYJLwxwp//gGWFgYeGU8eUSq8HPi0xaf1Go4fDqarPk3BIKxtWb8888888q:cD5YJLWwp//iFgYhMS0sfJ4fDnrPGyb
Score 1/10
-
-
Target
RegisterIdr.dll
-
Size
1.4MB
-
MD5
e958404bcc4d6cdd98aaa54b887c2b75
-
SHA1
814b31639ad616cb41bf03fd77dfe74d3127b60a
-
SHA256
8e3e1283ef8daf2d14b958fd77333237955f617a6762d32e37e4591a47a7a64b
-
SHA512
1c9c5384491836200133fa29287b441610af0c7362e662f9b778f8a83f91bd24e03f0d91f2c399c43875aa843bb4821a58d1d967aadf3766190ac9e5a9d1f78d
-
SSDEEP
24576:woZKyPoPJJ8L8CrOT1p8XLTjNjEAVFodCG1BoaS9Q5aiy42jaiV1N1KTh+ucvTTI:WoL8C6TeqjZ1BoFAYagqTg/vTTI
Score 3/10
-
-
Target
Setup.exe
-
Size
2.1MB
-
MD5
db7e67835fce6cf9889f0f68ca9c29a9
-
SHA1
5565afda37006a66f0e4546105be60bbe7970616
-
SHA256
dbd3057a58fd3407c95418bc5d9c253adc8c658ee338f22d58374ed3ea37b738
-
SHA512
bc2714bb408715e5e1cec1337b831e26dbda208183955a07ec8653a38c9c0f25f60f333a154b738927ce085e7bbff438963b941a6c2773b3e7325cd900e7651b
-
SSDEEP
24576:LvknONWhX+nZQMcPCxOlw5etZhfAgBbBEjGf4JNhy4BPQ6MwWTbVTJBrMHACgUBh:nSXUZBP5eDxAg1z4Dhy4ZMdTJTJBrs7
-
Suspicious use of SetThreadContext
-
-
-
Target
devenum.dll
-
Size
80KB
-
MD5
2629e33f683805cf0908b5aefe13b9a9
-
SHA1
004c9153c24290686740a5b223b27fb0ba3eb72e
-
SHA256
eb5d028dba6abab1daa4e3c4ca46e7f58f0393041fc3a61e1430bbef126a5bb9
-
SHA512
6cc032149383bbf532b253d0b4a3b85de0154cdcf5fc5f65f3001bd31ef9031e790ee48667d477c47bdd1c1297855587057b1a92ea1aa44ee7313bd7875a3f65
-
SSDEEP
1536:xdE6s6ysYhaIRAfy9eY5iX2Qrk0jnZHrDQdRC3arILFPDw:xN7yjhaI9eYahk0jnZTR0
Score 1/10
-
-
Target
dmutil.dll
-
Size
21KB
-
MD5
e15f5009ebbd5baa85eaa106ab249eec
-
SHA1
6d377bcb0a524a8f2cc59e38703e70ede1639fa5
-
SHA256
f052c6fa3d48e38d358547f9b31f05d8e47baca9565eb244c6583697caf03183
-
SHA512
b3ddbd8f5d4293d4266ed9ce7f745490dfbc979bae15b19e6df227febc15d19e90378740c19659ce5ebf18cee8cb9591f488ea9093fa28d0f6a542fb36098fd1
-
SSDEEP
384:7wmNTDgpGBrj3kBs4SbtEq/JvozlCM+t8Oztf9H11Ta9VWM8W/G:MmNTDgwBnkkbiuMhOpGk
Score 1/10