General
Target: McAfee.exe.zip
Size: 31.9MB
Sample: 241122-gla5aa1ndr
Static task: static1
Behavioral tasks (task, sample, resource):
behavioral1, Setup.exe, win7-20240903-en
behavioral2, Setup.exe, win10v2004-20241007-en
behavioral3, datastate.dll, win7-20240903-en
behavioral4, datastate.dll, win10v2004-20241007-en
behavioral5, madbasic_.dll, win7-20240903-en
behavioral6, madbasic_.dll, win10v2004-20241007-en
behavioral7, maddisAsm_.dll, win7-20241010-en
behavioral8, maddisAsm_.dll, win10v2004-20241007-en
behavioral9, madexcept_.dll, win7-20240903-en
behavioral10, madexcept_.dll, win10v2004-20241007-en
behavioral11, pdf2bmp.dll, win7-20240708-en
behavioral12, pdf2bmp.dll, win10v2004-20241007-en
behavioral13, pdfium.dll, win7-20241010-en
behavioral14, pdfium.dll, win10v2004-20241007-en
behavioral15, rtl120.dll, win7-20240903-en
behavioral16, rtl120.dll, win10v2004-20241007-en
behavioral17, vcl120.dll, win7-20241023-en
behavioral18, vcl120.dll, win10v2004-20241007-en
behavioral19, vclx120.dll, win7-20241010-en
behavioral20, vclx120.dll, win10v2004-20241007-en
behavioral21, x64/Templates/TemplateCorreoCliente.htm, win7-20240903-en
behavioral22, x64/Templates/TemplateCorreoCliente.htm, win10v2004-20241007-en
behavioral23, x64/plugins/MahApps.Metro.IconPacks.BootstrapIcons.dll, win7-20240903-en
behavioral24, x64/plugins/MahApps.Metro.IconPacks.BootstrapIcons.dll, win10v2004-20241007-en
behavioral25, x64/plugins/MahApps.Metro.IconPacks.BoxIcons.dll, win7-20241010-en
behavioral26, x64/plugins/MahApps.Metro.IconPacks.BoxIcons.dll, win10v2004-20241007-en
behavioral27, x64/plugins/MahApps.Metro.IconPacks.Codicons.dll, win7-20240903-en
behavioral28, x64/plugins/MahApps.Metro.IconPacks.Codicons.dll, win10v2004-20241007-en
behavioral29, x64/plugins/MahApps.Metro.IconPacks.Coolicons.dll, win7-20241023-en
behavioral30, x64/plugins/MahApps.Metro.IconPacks.Coolicons.dll, win10v2004-20241007-en
behavioral31, x64/plugins/MahApps.Metro.IconPacks.Core.dll, win7-20240903-en
behavioral32, x64/plugins/MahApps.Metro.IconPacks.Core.dll, win10v2004-20241007-en
Malware Config
Extracted
lumma
Targets
Target: Setup.exe
Size: 4.0MB
Lumma family
Suspicious use of SetThreadContext

Target: datastate.dll
Size: 75KB
Score: 3/10

Target: madbasic_.bpl
Size: 209KB
Score: 3/10

Target: maddisAsm_.bpl
Size: 61KB
Score: 3/10

Target: madexcept_.bpl
Size: 419KB
Score: 3/10

Target: pdf2bmp.dll
Size: 278KB
Score: 3/10

Target: pdfium.dll
Size: 4.3MB
Score: 3/10

Target: rtl120.bpl
Size: 1.1MB
Score: 3/10

Target: vcl120.bpl
Size: 1.9MB
Score: 3/10

Target: vclx120.bpl
Size: 220KB
Score: 3/10

Target: x64/Templates/TemplateCorreoCliente.htm
Size: 2KB
Score: 3/10

Target: x64/plugins/MahApps.Metro.IconPacks.BootstrapIcons.dll
Size: 2.1MB
Score: 1/10

Target: x64/plugins/MahApps.Metro.IconPacks.BoxIcons.dll
Size: 2.0MB
Score: 1/10

Target: x64/plugins/MahApps.Metro.IconPacks.Codicons.dll
Size: 559KB
Score: 1/10

Target: x64/plugins/MahApps.Metro.IconPacks.Coolicons.dll
Size: 451KB
Score: 1/10

Target: x64/plugins/MahApps.Metro.IconPacks.Core.dll
Size: 19KB
Score: 1/10