General
-
Target
Win.Installer.x32-x64.bit.zip
-
Size
561KB
-
Sample
240711-y8qlxssfkn
-
MD5
ea0c95692f4651f995879ba5ff27b754
-
SHA1
194e2a400ee935af7d0906e4a8dac96d1c7d5f0e
-
SHA256
fe7dc803ad1ea414128b5171ddd6603743a82e5f357aca58f3327feaa0377542
-
SHA512
b382fd9a0c772e5558fe2606371d76966b55889876eb0303d7dbb33698f331aac62ac86220bb0de434ec340770ee5f93a50f5335a420b98ae435dc9f0a8cebf0
-
SSDEEP
12288:aHsrpYibqQux2S9wHkr1bldlhmUk6Mbpgy6RKu:aHsrSi+XxP94EblIUZMbpcKu
Static task
static1
Behavioral task
behavioral1
Sample
Win.Installer.x32-x64.bit.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Win.Installer.x32-x64.bit.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
Win.Installer.x32-x64.bit.exe
Resource
win11-20240709-en
Malware Config
Extracted
lumma
Targets
-
-
Target
Win.Installer.x32-x64.bit.exe
-
Size
118.5MB
-
MD5
2c9183c740c7569a095ec4152112558a
-
SHA1
850e2c43d838331ccf521cc48cd64d5da80ed6c7
-
SHA256
611c27e0730ee39045837dc97a8c6762e19ddde28f829fb315666ab062814ddd
-
SHA512
10e5904130cf22713f180107b0d3cc813db3cbfd2cce525ee61fcaf84bca114c21e8e5873890e5350e2a47a2f70085c29fd41544a5f14fcfd5d91a9947e7ba30
-
SSDEEP
12288:vrZSt3KUdrYDlY5w/XKB+2sWaWdT/ahUxo0+Kmo0lMl1sR4PkiLU8SEn06s:jAWnK8I/aAVmthB
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-