General
-
Target
valorant_hack (3489).zip
-
Size
363KB
-
Sample
241021-jaj9xswgjj
-
MD5
b0ec5558fb4c064b8f200fc410b9d5f8
-
SHA1
081dce255fc337a0cda81c26ebb7d65ecfc55ef7
-
SHA256
a89a6ecf62241412139ef35499803399cba4a65f1565bae27c7699e1dfe88249
-
SHA512
267fc8fb01c4588c647f68fea4aad38b2e9a0a20c1eb7bf0db7b7837ba8e7578361284ed2b4cb64c4a62661e354048ec6a6ad0c9303ee3d64eab458aba3df684
-
SSDEEP
6144:tKKY9QL/DYCWyxdBPPwko0Mcr//c1R0StDFkXAGxU9DAnPynveEG9JDVU9sm5AET:ARO/HWyxdBHPrktF+URAPyveEG7xU55h
Static task
static1
Malware Config
Extracted
lumma
Targets
Target
valo_hack.exe
-
Size
387KB
-
MD5
3d6e839df6be9231e7322e51ff026e76
-
SHA1
ce81748507ce4ac3f0748f9aca581916021f8221
-
SHA256
380578c5c800d529a5e41cf1d0cab2b01e34bf8859f5e031465cd298eaadac4f
-
SHA512
2fc689dc57b9fb5bd9ba7f3f0b7480d5fc6abbb59c000689df95690fa7a6540dbc6f85296a86c1b7f58d222f4a742d8eec55edadbcc3e48e8015d6d97dee6ca8
-
SSDEEP
12288:9ktY2XPhWY5EfrhyQVYZFF2F56USdmAA+bMgNjqIPya+:qtY2XPb5iuqF5GAARb
-
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext