General
-
Target
Setup.exe
-
Size
70.0MB
-
Sample
241124-wxn8lssldy
-
MD5
d3ded6f6292b7b3b538776a0ca8f33b2
-
SHA1
de88a415456610f30bf171880d6c5cbbb3ca3240
-
SHA256
1425478a96cf67a4805323afa3987ea4e7424dad16e7c3c32d03da96fa049919
-
SHA512
bb3ebb0e8c694501f49bcf2c4feaa86bac1dd1570e227e8abe74538f969eb45d93ccfb9529b99d4eeb47c2ef25548bac6756662ca639c1c42295a60204309764
-
SSDEEP
24576:ATLKgMF5jTObaIvsD7sBM8I7oRCL7piz5nWXVW:Tv5rIf1RRGwn4Q
Static task
static1
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
lumma
https://spicywind.shop/api
Targets
-
-
Target
Setup.exe
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-