General
-
Target
a33e6d41c9227949e34574d4bb9831db.exe
-
Size
6.3MB
-
Sample
240801-hdgsja1drc
-
MD5
a33e6d41c9227949e34574d4bb9831db
-
SHA1
b63abdb05496aae4e98fa97a50e7f68d4d789428
-
SHA256
e9ce3ba16ae990857b4db0f1ba428bcb59871eea5096041154dd4f7a44128aba
-
SHA512
f438c9d8cfc6aace0a9008d73d01922c3fd813ccc6ffac6c619352db74fb86870b20f9d748efd95898269bd62b9f839ec7503deca656c85f4a6942a4dc665a9d
-
SSDEEP
196608:6qwHqw6JjbrddIaBxmUHbk9dO96zBKWn2cC:B3rHHbEOYzYI7C
Static task
static1
Behavioral task
behavioral1
Sample
a33e6d41c9227949e34574d4bb9831db.exe
Resource
win7-20240708-en
Malware Config
Extracted
lumma
Targets
Target
a33e6d41c9227949e34574d4bb9831db.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-