General
-
Target
i3z.txt
-
Size
340B
-
Sample
241030-1r37sssaph
-
MD5
97bea7bb8c406fd6bbe9b4fee25da060
-
SHA1
43d5b66dd6485e2dc6c2cc6ca35fb3018320445f
-
SHA256
06c8e364df5af4d3a526837daabae867764f63e6b6f9b3d69367f8affe19bccf
-
SHA512
0146d50859e4e9d3fd8857c23dbc0d1630577b58cec222162269253f86141fa7e9790b19cf9d68c16596831ce1902f0dbc0ac861b3219adc89dd48079bf53abd
Static task
static1
Behavioral task
behavioral1
Sample
i3z.ps1
Resource
win7-20241010-en
Malware Config
Extracted
https://pub-c13566988b4f4e95a34c68d33362e742.r2.dev/sckvghjkl.zip
Extracted
lumma
https://goalyfeastz.site/api
https://contemteny.site/api
https://dilemmadu.site/api
https://authorisev.site/api
Targets
Lumma family
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-