General
Target: #SetUp_2255_PassW0rd$$!!!.zip
Size: 7.5MB
Sample: 240711-rrgjcszenq
MD5: d0641374cc27fa846d31b7ff4d9c93f3
SHA1: f66cdadfb6f3ca3ce30656717378f28187cf0be8
SHA256: 89ac6aee92ba24650ba8cdfde9367933f377f6ffad434132cd3cde3b378b3995
SHA512: 81ad35e4087feb7e160dab9f32da823fec8f527466a0b1d1229dbf2e464246fbd5e5c5f572dee7729f2f190104648c310a31fa27d3e21c63dc677b9d2561a741
SSDEEP: 196608:mBNz1bpwqTaGm2NOIcFfNsESNkX/wlgpfMM6mPC3:mB5VdA5Ntwkv/gX3
Static task: static1
Behavioral task: behavioral1
Sample: Setup.msi
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: Setup.msi
Resource: win10v2004-20240709-en
Malware Config
Extracted
lumma
Targets
Target: Setup.msi
Size: 2.4MB
MD5: 22700b5e19106a0c61f814b300856129
SHA1: 2018bb88e522d4e349a16f63764e90b53d66c573
SHA256: 6868a28e301db8c220a8ea22c15fe844685f88c963385ee5a5281edc34b90417
SHA512: 9d69c94d31b0a07830988f283c5cf200acf1e447a2a612fb49428db40512ef70d55f8ceabab81a5a371e93ebfbc9a89db5498fec1f690ba9ab96f45ed5b84db2
SSDEEP: 49152:TSKVjYJgqkxO+9jRHOREJC+sfhq/7WdzDfyEzac6t4wk3A6t:TDV0ejY+sfhPd3fDOcKkQ
Score: 10/10
Blocklisted process makes network request
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Suspicious use of SetThreadContext