General
Target: Collapse.exe
Size: 357KB
Sample: 250106-nhpa3avndz
MD5: 6fd28ba66676ec24c20f7a1a02aca6a5
SHA1: 32ab78c8d3b4cc45aeb34fff6e2e50b997b1e646
SHA256: 9a633fefd34e2ef705e2e28717cbf536427289c4fbceb6685e2f4174d6335023
SHA512: 7bcd1fb02dcbc3eab541d1c30bea4f04a6804c5a845daff3e80f85f433337312c5935912130b9b392f816244baf6aee84c31198e496a550586cd8b98d35e4281
SSDEEP: 6144:M9UgE9lgn7jVf+8aIpgRxLKUPSYjQkceSHmhhgWRDdSVh8VusOQAFKsM8Noc/Ft:E0lg7j55mf2Y+0/RDdSVGBOVoc/H
Static task
static1
Malware Config
Extracted
lumma
Targets
Target: Collapse.exe
Lumma family
Suspicious use of SetThreadContext