Analysis
max time kernel: 92s
max time network: 97s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 11-07-2024 01:32
Static task
static1
Behavioral task
behavioral1
Sample
6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa.exe
Resource
win7-20240704-en
General
Target: 6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa.exe
Size: 1.5MB
MD5: 237916755ed876d8acd9121bc2693a4e
SHA1: 98d4f8936eed9d77b7f1691015d1d8f6cb053911
SHA256: 6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa
SHA512: 27a2a5b951517ac96e607ce6555c35b9a09f0e6b9a94ec9ee815a7eb04c88178d4c363ebc47f9c2f95b17355484602adf1f7996d3be14f2cb8217dea68bbdf1e
SSDEEP: 24576:dnbbPImgK4brDi4IxEzwqNb+Yz73P2EMZbG0JEtdqxytyw5wE1uDnj1r/pkgW2Wq:lHeKh4xzF3PYdStonfnnjsgZB
Malware Config
Extracted
lumma
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: 6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa.exe
pid   Process
1840  6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa.exe
1840  6e4cfdba9fc29d914de495f7347cfc679e1a45f6132ad57cb5704478e4611aaa.exe