General
-
Target
4b93cf26d6e6c52e332e084f0940c5e687a91b08e66ee822aae302d1b1f3c014
-
Size
13.1MB
-
Sample
241030-3w5brsvakl
-
MD5
b736da6a81e01bebfdd469d26785e13c
-
SHA1
e82d651e62747674fd6c8bfeb2ebdb569f572c9f
-
SHA256
4b93cf26d6e6c52e332e084f0940c5e687a91b08e66ee822aae302d1b1f3c014
-
SHA512
254bfdb89b477cea6f3edb5c1635b4bf5992a64abc1454627da26420a4dff26f61c7397ab8dfbfa002d4f53e0b07956f0319176bcc26d7eafa0e4ea6c31e0f69
-
SSDEEP
393216:xa8RFy/nyLknMNJsywsseZIX2MURx3cor8:xBRFYnaBwvemGRvXr8
Static task
static1
Behavioral task
behavioral1
Sample
4b93cf26d6e6c52e332e084f0940c5e687a91b08e66ee822aae302d1b1f3c014.exe
Resource
win7-20241023-en
Malware Config
Extracted
lumma
Targets
-
-
Target
4b93cf26d6e6c52e332e084f0940c5e687a91b08e66ee822aae302d1b1f3c014
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-