General
Target: 196b9c8e00d11c72d276a4b9654dd3f5.exe
Size: 6.3MB
Sample: 240801-jvevyazfpm
MD5: 196b9c8e00d11c72d276a4b9654dd3f5
SHA1: c2451b97efe9692f88d1780e65b8d50af3ac8691
SHA256: 2083c6d2ab049f21c15cf93b454b833f25d5d3aad20357f5e2488cfb838b13f5
SHA512: 2d8a2da0074028885f6fd3501a553848806c04a695fae97326e8f74f32d978b360d09eb4a7290bdce3edb4883c431d64607e6831cce81a611d910723b1891239
SSDEEP: 98304:6qwtqwQR4XsSjvdnspWEs+hqh+3EtEXA227QpFZd182H4eDP9IIWwILk:6qwtqw/skCWERUh+3EKXAVKo2HzLWwIw
Static task: static1
Behavioral task: behavioral1
Sample: 196b9c8e00d11c72d276a4b9654dd3f5.exe
Resource: win7-20240708-en
Malware Config
Extracted
lumma
Extracted
lumma
https://demandlinzei.shop/api
https://applyzxcksdia.shop/api
Targets
Target: 196b9c8e00d11c72d276a4b9654dd3f5.exe
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL