General
-
Target
file.exe
-
Size
3.0MB
-
Sample
241108-qaccmsshjp
-
MD5
0203f6b9191cd21d402ee7ca1386cd3f
-
SHA1
bc2a7018832ed77b3fd94802d3986c903018ad5f
-
SHA256
54d0a6062d97cb3c494cc2b253a1d8a4636e0260826b60d5a9909e17e625ea7d
-
SHA512
ea4325f2430a77c9b5035a74a9137be17798b129477d5feeae4840b276924885433dc0f3b9d0b70ccdf55e31c2d81931fbcf215417d46632de2b46a45570aaa0
-
SSDEEP
49152:GIIYfTVcxT4tKmfH+3oS4B4q9IZXlqikRGhOkOhbTo:GGTV90mfeYS4B4qoQ/RG4hY
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20241010-en
Malware Config
Extracted
lumma
https://navygenerayk.store/api
Targets
-
-
Target
file.exe
-
Size
3.0MB
-
MD5
0203f6b9191cd21d402ee7ca1386cd3f
-
SHA1
bc2a7018832ed77b3fd94802d3986c903018ad5f
-
SHA256
54d0a6062d97cb3c494cc2b253a1d8a4636e0260826b60d5a9909e17e625ea7d
-
SHA512
ea4325f2430a77c9b5035a74a9137be17798b129477d5feeae4840b276924885433dc0f3b9d0b70ccdf55e31c2d81931fbcf215417d46632de2b46a45570aaa0
-
SSDEEP
49152:GIIYfTVcxT4tKmfH+3oS4B4q9IZXlqikRGhOkOhbTo:GGTV90mfeYS4B4qoQ/RG4hY
-
Lumma family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-