General
Target: InstNew_v1.0.9_Арp_Release_x64.exe
Size: 1.0MB
Sample: 241111-2d1eesybkm
MD5: 9803e1c897fec7f899c7b9a1f6d34398
SHA1: 91be6ecd608e3dfce09e04a8866b2a1aba16a632
SHA256: c395d9398f363892c415c5c1d7c07ac6052dc5585825261f522784f2f6a35a9a
SHA512: a8da65f01c47ccd137dc6fe0d5469627c4e9a0cbcbeaaebba7ed491f98100a428e03244bc0607959c048cfd43bd8d3beaae932ecb5103619a8a9fc7989cbe65a
SSDEEP: 24576:P54TFXpHWHGe2Dv7JIlsOApZVcnOyFXLLWvN7V:8HdDzJ+UIOyF7aV5
Static task: static1

Malware Config
Extracted family: lumma
C2: https://financiauglyk.cyou/api
Targets
Target: InstNew_v1.0.9_Арp_Release_x64.exe (1.0MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- Lumma family
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Enumerates processes with tasklist