General
-
Target
Setup.exe
-
Size
99.3MB
-
Sample
240711-znlmxawcpa
-
MD5
73b6242fd0c0e5774dfdfe8b722af480
-
SHA1
0315dfc1756c7ad853fac17699f9cdb25a88cd8c
-
SHA256
e472c4aa345cb5c11890edd4dcef8192c7447a92374559e7c55a269689de6b86
-
SHA512
5f88bc3c652999af7c410c603ae115242183c9c9d2aba865b2b7131b7ac4b236ce2f576762630a22c4b9bbc15cc1f8f02bc099f7922ac5a574db1b89aec95a5a
-
SSDEEP
98304:k7kpXKxfuQ07TZkDZm9qNGMdhz1Z7dkbr5s8HVES0HBS4YEYQYBmDdsF3e4qaMS5:kfmxkDZhNGY1Z7dK110hSAYQMesF37H
Static task
static1
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
Setup.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral4
Sample
Setup.exe
Resource
win11-20240709-en
Behavioral task
behavioral5
Sample
Setup.exe
Resource
debian12-armhf-20240221-en
Malware Config
Extracted
lumma
Targets
-
-
Target
Setup.exe
-
Suspicious use of SetThreadContext
-