Behavioral task
behavioral1
Sample
9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7.exe
Resource
win10v2004-20241007-en
General
-
Target
9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7
-
Size
347KB
-
MD5
1a5a84c727dba020f92a765814abcd28
-
SHA1
4cc40dcef25834ceff8dc92bf73dd0087b9c2db6
-
SHA256
9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7
-
SHA512
bae6730a7ce17e483757607a2d9a4de3aed391f77f6c8f23cb5945b8db08eb1c2afbcda8a14574de5abc8e3f6cd0b8ddeff078a75e512b29c5c976e16c2996f5
-
SSDEEP
6144:dYGQfZuMP44Qw+f5osENySVbhRpRbWzlYUJZX1mR6E9KUOexDsVZc:dMUg4465oDzizyOXgwUOT
Malware Config
Extracted
lumma
https://servicedny.site
https://authorisev.site
https://faulteyotk.site
https://dilemmadu.site
https://contemteny.site
https://goalyfeastz.site
https://opposezmny.site
https://seallysl.site
https://computeryrati.site
Signatures
-
Lumma family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7
Files
-
9ad59d548f173fba235517acc0a5dbd416f3890cbf622767da02c83fc0c051e7.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ