General
Target: Nexol (2525).zip
Size: 496KB
Sample: 241030-zemtlsskcn
MD5: d92832278ec85cfb863920cde5379070
SHA1: 5298455790d3a4e44ba7125dce5e6e71da6e10cc
SHA256: e310151d025b28fe865f831805bd73f3520b0e51625e212b208376439d4c79ef
SHA512: ecb6928010a56a57ab5759a8bedaf0d7e8051326b8bbb353771404e7a45155c511de5d362748e0c44e535af0006ab2b98d49403f7ef06b13677c1ea7f0a36339
SSDEEP: 12288:6QkF2wMdYv6o1nIKUZQdnbIWunPrDbGPS4wm4NMzN9Vgz:6IojnCZQmWunPrfr4zZ9+
Static task: static1
Malware Config
Extracted
lumma
https://goalyfeastz.site/api
https://contemteny.site/api
https://dilemmadu.site/api
https://authorisev.site/api
Targets
Target: Nexol.exe
Size: 625KB
MD5: 2154ecc6389155fdb4c4d9b72defa384
SHA1: 13f053d3567e3663bc710dae51c55f616014ba4b
SHA256: c3b26f097e1e8aeca0fe1b1f765f066e375126b5b8661a565250bfc5e1e8da4a
SHA512: 3b6cb51841be537d14186d119dca6d18921d4fa84c9348ae575d61cc763d599c78a1aa566720257b9f71f7d09e9415427908beff512aa7db032b1622e13ef653
SSDEEP: 12288:QsQpSam0VxFrrWstS7VNxNPACQgUKJ6X6BXqzGOFSKne/OYhR9SPMv:Q3pmgXrWoiNIhLe6OXqzWGe/lR9SPMv
Lumma family
Suspicious use of SetThreadContext