General

Target: 140c4cc35e12d280fd72a61d62e53221.exe
Size: 4.0MB
Sample: 241031-1bawbavphm
MD5: 140c4cc35e12d280fd72a61d62e53221
SHA1: fe590ab3be434b74f643fbc9972d2f0cc44351d7
SHA256: 1e9928ca23eb356b43f03adc13f2c2aa9f7d18a5b832973ebbee5b0a77574022
SHA512: 29dc14c1481b15cb3ce7cb7fac9ba72df1a78163d544d454a2612c727e351deef0136880bc0c6042db86fd94bba710422169b9fbb762e7bb7c9c3a3d314cd228
SSDEEP: 98304:XLGBD+v2B6JLQBuZwc/nExG4Wu9yeP05dCkAoJ3TFD:XLCav2IGuZ3+59yePvxoHD
Behavioral task: behavioral1
Sample: 140c4cc35e12d280fd72a61d62e53221.exe
Resource: win7-20240903-en

Malware Config

Extracted family: lumma
C2 URLs:
- https://goalyfeastz.site/api
- https://contemteny.site/api
- https://dilemmadu.site/api
- https://authorisev.site/api
Targets

Target: 140c4cc35e12d280fd72a61d62e53221.exe
Size: 4.0MB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the values listed in the General section above.
- Lumma family
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext