General
-
Target
Trust Launcher.exe
-
Size
154.5MB
-
Sample
240801-axp91swgpe
-
MD5
d036f534172c33ceeecb7acae53b60b7
-
SHA1
440c7389d940452bdbf76a64c0161021b36d6395
-
SHA256
774ec47cfc80699e04aa781bb800cc691f149c704fc915bb1ef8150da01e2636
-
SHA512
3fa508460a44460463d8e16df2606959c4d2faa9c051a10a92e4d60e85af4b62d8b559e800a31f20054bfa6b703f49f0161db8d2b06a2048863d51ac1c18447e
-
SSDEEP
49152:cYD3DmM1wcRYHJS/oPq6RIIweIpQ6D7IPE:cYT1wQYFjOIweIdIP
Static task
static1
Behavioral task
behavioral1
Sample
Trust Launcher.exe
Resource
win7-20240705-en
Malware Config
Extracted
lumma
Extracted
lumma
https://applyzxcksdia.shop/api
Targets
-
-
Target
Trust Launcher.exe
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1
Subvert Trust Controls
1
Install Root Certificate
1