General
Target:
Size: 11.5MB
Sample: 240908-jh493atgkq
MD5: e17763ef1ee58d850380d2a4d6817c53
SHA1: 5d702dfd8c85a50f95d538c3afaa61395136a455
SHA256: fd17c39f31d3ad3ce0c7d7f3ad03e85f0475e3e84e3e582dcac4864f8a2390c7
SHA512: 6ae17f89f46bb61b286319306c71d4bbf130f5e685fe8d0bc991fb9966e83199c81edda2695ab6be799643f1d1ac33e25871aae0d0331542073aca4a1a1ed084
SSDEEP: 196608:DwKvTooU6zxaJNjb1H/RZKCSHuknYoEwGyFSD/4ATpD3N2w7261cA/fGuAhRkY4V:DzZErjb1H/ZSpz7GysDQsDd2w7j68f/d
Static task: static1
Behavioral task: behavioral1
Sample: ExxxxSet_up.exe
Resource: win7-20240903-en
Malware Config
Extracted
lumma
https://condedqpwqm.shop/api
Targets
Target: ExxxxSet_up.exe
Size: 749.4MB
MD5: fe069d8e3711f5c4ac4a0735a02fc303
SHA1: 3352dcd0c6913f206dde60ea95afaff471895138
SHA256: dc5d859a301eec28319936a6b94d3eb439f7b62b890bcf177d25718a3b8418cc
SHA512: c0382e00c16c93e1e0c1a2a40937c84568cdb66f31e1735975546a3d1904d7b8ce12cb4d6c33ef07d993962daca6825a9446867305f308d29186729533289708
SSDEEP: 196608:8lN3eZmCSq9xx0+tH8o7o3X0HXG6uq9+nkl0pIlKeRfMU/nV:sRExxrG3k2TqNvF
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext