General
-
Target
TiagoExecutor.exe
-
Size
554KB
-
Sample
241126-kehgkatjaz
-
MD5
613df599866679f7f19d12ff86220db8
-
SHA1
33a2f464888fd8aedd2c4cd8f79e9e43321d8465
-
SHA256
65f8e0e219637833386b6cfe27bd2f8446a214f02149628c63dd0329501e17e6
-
SHA512
4091dc9ce75e7ff9a1131aa200e30ca293a8619a616bce17a4f5fa6e79602848efd422be64be7af8aff3c99f75536d2ea45dbcf1d7afb0a7998a0526bf76ce13
-
SSDEEP
12288:2Nqf82rBbd4Qlj68ZEpv/7B+WIOzys7AsMC6WReVDTKwWZwfwsBAlny7Jc23OBuB:2s82ZWQx6AKsWL
Static task
static1
Behavioral task
behavioral1
Sample
TiagoExecutor.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
https://pedestriankodwu.xyz/api
https://towerxxuytwi.xyz/api
https://ellaboratepwsz.xyz/api
https://penetratedpoopp.xyz/api
https://swellfrrgwwos.xyz/api
https://contintnetksows.shop/api
https://foodypannyjsud.shop/api
https://potterryisiw.shop/api
https://extorteauhhwigw.shop/api
Targets
-
-
Target
TiagoExecutor.exe
-
Size
554KB
-
MD5
613df599866679f7f19d12ff86220db8
-
SHA1
33a2f464888fd8aedd2c4cd8f79e9e43321d8465
-
SHA256
65f8e0e219637833386b6cfe27bd2f8446a214f02149628c63dd0329501e17e6
-
SHA512
4091dc9ce75e7ff9a1131aa200e30ca293a8619a616bce17a4f5fa6e79602848efd422be64be7af8aff3c99f75536d2ea45dbcf1d7afb0a7998a0526bf76ce13
-
SSDEEP
12288:2Nqf82rBbd4Qlj68ZEpv/7B+WIOzys7AsMC6WReVDTKwWZwfwsBAlny7Jc23OBuB:2s82ZWQx6AKsWL
-
Lumma family
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-