General
-
Target
Setup.exe
-
Size
70.3MB
-
Sample
241123-m99weazmep
-
MD5
9f255c59cb7291f7170e4418a649bd8e
-
SHA1
61ff59f20f18bd99847def7b88b3f8350d778de3
-
SHA256
22fbcd9bba70fe43ccd1f1ca55b79c1d74238b7a3cacbffad165fc07e70d832b
-
SHA512
07caf2a927878e94ecc89fd62fe5f565ee5d30d70d3080ad72f861dc3ca9cc60c3b885bcf90dae83e81866e3cca66a57468fac246ab676830d59143e2baf17af
-
SSDEEP
196608:FBRF28rm4cOYfGvAA7a94pHL9VvJYQ7AuvHGRoc7hwd0fkBST3C9Og:FBRE8tYevn29cLf7J
Static task
static1
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
https://mysticriver.shop/api
Targets
-
-
Target
Setup.exe
-
Size
70.3MB
-
MD5
9f255c59cb7291f7170e4418a649bd8e
-
SHA1
61ff59f20f18bd99847def7b88b3f8350d778de3
-
SHA256
22fbcd9bba70fe43ccd1f1ca55b79c1d74238b7a3cacbffad165fc07e70d832b
-
SHA512
07caf2a927878e94ecc89fd62fe5f565ee5d30d70d3080ad72f861dc3ca9cc60c3b885bcf90dae83e81866e3cca66a57468fac246ab676830d59143e2baf17af
-
SSDEEP
196608:FBRF28rm4cOYfGvAA7a94pHL9VvJYQ7AuvHGRoc7hwd0fkBST3C9Og:FBRE8tYevn29cLf7J
-
Lumma family
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-