General
Target: Setup_v1.66.exe
Size: 545KB
Sample: 241021-tnn55syejg
MD5: acd42e7a42c66fd3928dbb1b1002717d
SHA1: 7be49b0e8c27711b6f8641c10b757b929b380b1d
SHA256: 403e76f68fb85706eaadd66222df065c4f3024ae2d8df8fcabc29f38e0005fb6
SHA512: 281f1bfc21b52bed29aa7ecb4a2fc1a0317966ef348257c27fa76906cfe733c0f8a500479caf21fd5c03c4ea497ab43ea6027955a5898de8aeeb1d4afab57b51
SSDEEP: 12288:sFpvjAONMRoX1S//+6adr1JonaR3u5Z/GY2ETEO:ypegS//VaBfoaR+5ULmt
Static task: static1
Malware Config
Extracted config family: lumma
C2 URLs:
https://drawwyobstacw.sbs
https://condifendteu.sbs
https://ehticsprocw.sbs
https://vennurviot.sbs
https://resinedyw.sbs
https://enlargkiw.sbs
https://allocatinow.sbs
https://mathcucom.sbs
https://dormynwj.buzz
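The extracted C2 list and the file hashes above are the report's actionable indicators. As an added example (not part of this sandbox report), the following Python turns them into a small IOC matcher: it normalises the C2 URLs to hostnames, flags DNS queries for those hosts or any subdomain of them (while not matching unrelated names that merely end in the same letters), and picks known hashes out of free-text endpoint events. The log lines and their field layout (timestamp, client, query name, type) are constructed for illustration and are an assumption about the reader's log format.

```python
"""IOC matcher built from this report's extracted Lumma C2 list and file hashes.

Added example, not part of the sandbox report. The log lines further down are
constructed for illustration; their field layout is an assumption.
"""
import re
from urllib.parse import urlsplit

# C2 URLs exactly as extracted from the sample's config (from this report).
LUMMA_C2_URLS = [
    "https://drawwyobstacw.sbs",
    "https://condifendteu.sbs",
    "https://ehticsprocw.sbs",
    "https://vennurviot.sbs",
    "https://resinedyw.sbs",
    "https://enlargkiw.sbs",
    "https://allocatinow.sbs",
    "https://mathcucom.sbs",
    "https://dormynwj.buzz",
]

# Hashes of Setup_v1.66.exe from this report (lower-case hex).
SAMPLE_HASHES = {
    "md5": "acd42e7a42c66fd3928dbb1b1002717d",
    "sha1": "7be49b0e8c27711b6f8641c10b757b929b380b1d",
    "sha256": "403e76f68fb85706eaadd66222df065c4f3024ae2d8df8fcabc29f38e0005fb6",
}


def c2_hosts(urls):
    """Normalise C2 URLs to bare lower-case hostnames (no scheme, port or trailing dot)."""
    hosts = set()
    for url in urls:
        host = urlsplit(url).hostname
        if host:
            hosts.add(host.lower().rstrip("."))
    return hosts


def match_dns_log(lines, hosts):
    """Return (line_no, qname) for each query that is a C2 host or a subdomain of one.

    Assumed layout per line: '<timestamp> <client_ip> <qname> <qtype>'.
    A name such as 'notdormynwj.buzz' must NOT match 'dormynwj.buzz', so the
    subdomain test requires a literal dot before the known host.
    """
    hits = []
    for line_no, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 3:
            continue  # malformed or truncated line; skip rather than crash
        qname = parts[2].lower().rstrip(".")
        if any(qname == h or qname.endswith("." + h) for h in hosts):
            hits.append((line_no, qname))
    return hits


# 32/40/64 hex chars on word boundaries: MD5, SHA1, SHA256 respectively.
HEX_RE = re.compile(r"\b[0-9a-f]{32}\b|\b[0-9a-f]{40}\b|\b[0-9a-f]{64}\b")


def match_hashes(lines, known):
    """Return (line_no, algorithm) for any known hash found in free-text event lines."""
    by_value = {v.lower(): algo for algo, v in known.items()}
    hits = []
    for line_no, line in enumerate(lines, 1):
        for hexstr in HEX_RE.findall(line.lower()):
            if hexstr in by_value:
                hits.append((line_no, by_value[hexstr]))
    return hits


# Constructed sample logs (not taken from the report).
DNS_LOG = [
    "2024-10-21T10:02:11Z 10.0.0.5 www.example.com A",
    "2024-10-21T10:02:14Z 10.0.0.5 drawwyobstacw.sbs A",
    "2024-10-21T10:02:15Z 10.0.0.5 api.dormynwj.buzz A",
    "2024-10-21T10:02:20Z 10.0.0.7 notdormynwj.buzz A",  # suffix collision, must not match
]
EDR_LOG = [
    "ProcessCreate image=C:\\Users\\u\\Downloads\\Setup_v1.66.exe "
    "sha256=403e76f68fb85706eaadd66222df065c4f3024ae2d8df8fcabc29f38e0005fb6",
    "ProcessCreate image=C:\\Windows\\notepad.exe sha256=" + "0" * 64,
]

if __name__ == "__main__":
    hosts = c2_hosts(LUMMA_C2_URLS)
    print("DNS hits:", match_dns_log(DNS_LOG, hosts))
    print("Hash hits:", match_hashes(EDR_LOG, SAMPLE_HASHES))
```

Hostname matching is done on the DNS query name rather than on the full URL because the config lists only bare origins; matching the `.sbs` or `.buzz` TLD alone would be far too broad, and the dot-prefixed suffix test keeps lookalike registrations from producing false positives.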
Targets
Target: Setup_v1.66.exe, 545KB (MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Signatures:
Accesses cryptocurrency files/wallets, possible credential harvesting (consistent with the Lumma stealer family identified in the extracted config)
Suspicious use of SetThreadContext (the API redirects a thread's execution and is a common step in process hollowing and thread hijacking)