lumma | 7237c1f01b83342db06fae7e57e574d3566a2cea0f7af7137e12ad2dccd3ebe0

Sharing

Copy URL

Twitter E-mail

General

Target

NewSetup.7z
Size

133.1MB
Sample

250107-z7apra1mcp
MD5

b685a3a0cb3c608c26f745701ea2aec4
SHA1

105238e6e2ea6ddb46812583cf493f60b99722e2
SHA256

7237c1f01b83342db06fae7e57e574d3566a2cea0f7af7137e12ad2dccd3ebe0
SHA512

565e0d02bad12b195c5adea09faf77a8722ea76f447a22d41f723190a9960cb9315c39a7d92993ac410385b34d8082c8283dd9c5a78f549b2de8563fc4fe01c0
SSDEEP

3145728:/iVGs+TQrpPM+Ec59g2fKFDYazxMbzT6l/cIZorVpo8:/wVlM+E0KFDYazxEeieoBR

Score

10^/10

Malware Config

Extracted

Family

lumma

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

- Target
  
  jre/bin/jaas_nt.dll
- Size
  
  19KB
- MD5
  
  503275e515e3f2770a62d11e386eadbf
- SHA1
  
  c7be65796aa0e490779f202c67eec5e9fbb65113
- SHA256
  
  97b5d1c8e7aaace5c86a418cb7418d3b0ba4f5e178de3cf1031029f7f36832af
- SHA512
  
  ac7c0cb626c2d821f0f4e392ee4e02c9e0093f019aa5b2947e0c7b3290a0098a3d9bb803ab44fd304ca1f1d272cfb7b775e3c75c72c7523ff7240f38440cfc3c
- SSDEEP
  
  384:45kF/QP8xkI6hgWIE0PVlyJSZ9nYPLr7+:4SqP7I6rkd4EfC7+
Score

8^/10

discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  jre/bin/jabswitch.exe
- Size
  
  30KB
- MD5
  
  530d5597e565654d378f3c87654ccaba
- SHA1
  
  6fac0866ee0e68149ac0a0d39097cef8f93a5d9e
- SHA256
  
  0cfaa99ae669ddc00bd59b5857f725dff5d4c09834e143ab1b5c5f0b5801d13b
- SHA512
  
  d7520a28c3054160fcd62c9d816a27266be9333e00794434fb4529f0ff49a2b08e033b5e67a823e5c184ee2d19d7f615ff9ee643fe71c84011a7e5c03251f3b4
- SSDEEP
  
  768:+HhfWinfwUFAvnb5TIUX+naSOu9MQQ5jhC7EY:cuin5FAvNTIUX+nbMQQ54EY
Score

3^/10

discovery
behavioral2
- Target
  
  jre/bin/java-rmi.exe
- Size
  
  15KB
- MD5
  
  cf2f023d2b5f0bfb2ecf8aeea7c51481
- SHA1
  
  6eb867b1ac656a0fc363dfae4e2d582606d100fb
- SHA256
  
  355366d0c7d7406e2319c90df2080c0fae72d9d54e4563c48a09f55ca68d6b0c
- SHA512
  
  a2041925039238235adc5fe8a9b818dff577c6ea3c55a0de08da3dedd8cd50dc240432ba1a0aea5e8830dcdccd3bfbf9cf8a4f21e9b56dc839e074e156fc008d
- SSDEEP
  
  384:GpsbHnDiW6gejmSHhV8cGees7snYPLr7Wj53:GpsbHn/HS/8cresgC743
Score

3^/10

discovery
behavioral3
- Target
  
  jre/bin/java.dll
- Size
  
  123KB
- MD5
  
  73bd0b62b158c5a8d0ce92064600620d
- SHA1
  
  63c74250c17f75fe6356b649c484ad5936c3e871
- SHA256
  
  e7b870deb08bc864fa7fd4dec67cef15896fe802fafb3009e1b7724625d7da30
- SHA512
  
  eba1cf977365446b35740471882c5209773a313de653404a8d603245417d32a4e9f23e3b6cd85721143d2f9a0e46ed330c3d8ba8c24aee390d137f9b5cd68d8f
- SSDEEP
  
  3072:Kw2b3Kr+uWU9XzFhziJ1TBZAhsIn/B9NZwMgjeNXLD:43KFFheLCBpV/
Score

3^/10

discovery
behavioral4
- Target
  
  jre/bin/java.exe
- Size
  
  186KB
- MD5
  
  e3e51a21b00cdde757e4247257aa7891
- SHA1
  
  7f9e30153f1df738179fff084fcdbc4dae697d18
- SHA256
  
  7e92648b919932c0fbfe56e9645d785d9e18f4a608df06e7c0e84f7cb7401b54
- SHA512
  
  fc2981a1c4b2a1a3e7b28f7bf2be44b0b6435fd43f085120946778f5c2c2ca73ad179796dec0b92f0c6c8f6b63dd329eecc0af1bb15392364c209dcf9cd6f7ca
- SSDEEP
  
  3072:iUJiEoGLsncZizZQ7QBdCPdG3TBfMzrjZqMNGSplN2:iUJsnVzy7QBdC1G3TBEvFp6
Score

3^/10

discovery
behavioral5
- Target
  
  jre/bin/java_crw_demo.dll
- Size
  
  23KB
- MD5
  
  1c47dd47ebd106c9e2279c7fcb576833
- SHA1
  
  3ba9b89d9b265d8cec6b5d6f80f7a28d2030a2d1
- SHA256
  
  58914ad5737f2dd3d50418a89abbb7b30a0bd8c340a1975197eea02b9e4f25b2
- SHA512
  
  091f50b2e621ed80bafe2541421906de1bcc35a0e912055b93e40cd903be8b474103c0d8fecdf46e7f2f3c44bdade64a857ab2b9cb5404306055150ee4ed002a
- SSDEEP
  
  384:Qp2dG5pC/ujTc8ZrEnrZm8WXLFnPV52WZQAnYPLr7lOGa:uvCGjJ0Q9ndRZdC71a
Score

3^/10

discovery
behavioral6
- Target
  
  jre/bin/javacpl.cpl
- Size
  
  156KB
- MD5
  
  4e3c37a4de0b5572d69ad79b7a388687
- SHA1
  
  6b274e166641f9ce0170e99fe2d1f4319b75a9e8
- SHA256
  
  893a86e7b1de81dedab4794732fccd02790756a2dbe4815c102f039088dfcbd2
- SHA512
  
  8352a1cd859d17a27560448c6ffb0e8200096cac744c8bb56330397fde0b7f702e2295999d89fbad74df72df200c391113a23a9b4342abac738167967533f9cd
- SSDEEP
  
  3072:a2lpElIhbyyH3c1CX766zKELxKvFaPSnjZqMNJlGle:a2rE+xdW+76DEVKv8wv
Score

3^/10

discovery
behavioral7
- Target
  
  jre/bin/javacpl.exe
- Size
  
  68KB
- MD5
  
  c2a59c7343d370bc57765896490331e5
- SHA1
  
  a50af979e08a65eb370763a7f70cdb0e179d705d
- SHA256
  
  40614fe8b91e01ad3562102e440bdbf5fac5d9f7292c6b16a58f723bfffe6066
- SHA512
  
  ca266f1b2e51f66d119e2d71e3377c229a3d583853ffb606c101afeb41689ace7d1f1594781091da67f9be9d09f3019bf048c0f819777e8f1827a56beec252c4
- SSDEEP
  
  768:jFVfr2k521ZnrawwMmqPXt+rP3b/9/YMCxx0OpPOrEE14EVHLAuDeGJiqrmehiV9:PxioMmqF+2x0MORLVq7qjh3rmKPNpwGg
Score

3^/10

discovery
behavioral8
- Target
  
  jre/bin/javafx_font.dll
- Size
  
  56KB
- MD5
  
  aeada06201bb8f5416d5f934aaa29c87
- SHA1
  
  35bb59febe946fb869e5da6500ab3c32985d3930
- SHA256
  
  f8f0b1e283fd94bd87abca162e41afb36da219386b87b0f6a7e880e99073bda3
- SHA512
  
  89bad9d1115d030b98e49469275872fff52d8e394fe3f240282696cf31bccf0b87ff5a0e9a697a05befcfe9b24772d65ed73c5dbd168eed111700caad5808a78
- SSDEEP
  
  1536:f6arRmcnq2lxm+Na6C7HIT6T8E2pLSSm3:fzm+q7HITS8E2pLSSA
Score

3^/10

discovery
behavioral9
- Target
  
  jre/bin/javafx_font_t2k.dll
- Size
  
  436KB
- MD5
  
  8ae40822b18b10494527ca3842f821d9
- SHA1
  
  202dffa7541ad0fad4f0d30cee8c13591dca5271
- SHA256
  
  c9742396b80a2241ce5309c388b80000d0786a3cab06a37990b7690fd0703634
- SHA512
  
  aa324a265639c67843b4bf6828029b413044cbe4d7f06a253b78b060ea554fecc6e803d59d03742c485b2eb3d52e5c0a44928dcc927501f413ee4664bb8a11f5
- SSDEEP
  
  12288:RreTVhY4gXwLR4YS+OX3kQg4O5kM2LY58gwDTxXvwGSelo:Rr4VhyK7eTxXvwelo
Score

3^/10

discovery
behavioral10
- Target
  
  jre/bin/javafx_iio.dll
- Size
  
  123KB
- MD5
  
  01706b7997730eaa9e2c3989a1847ca6
- SHA1
  
  7cead73cbe94e824fa5e44429b27069384bfdb41
- SHA256
  
  20533c66c63da6c2d4b66b315ffcf5c93ae5416e3dae68cdd2047efe7958ab3a
- SHA512
  
  3272c8de6c32d53372d481441da81ae2b6ea02e8360b23d7f793b24827bd683a6604f43be18ce2bee40038fbe7d5f7af78b2c465a51f82478d881dbeb5744dc2
- SSDEEP
  
  3072:oOxjjADzd+aeaPB9JhjxkM2wzGdXJbD/jn8Y6:ocKzeaPB9JhjxknwzG5JbDb8F
Score

3^/10

discovery
behavioral11
- Target
  
  jre/bin/javaw.exe
- Size
  
  187KB
- MD5
  
  48c96771106dbdd5d42bba3772e4b414
- SHA1
  
  e84749b99eb491e40a62ed2e92e4d7a790d09273
- SHA256
  
  a96d26428942065411b1b32811afd4c5557c21f1d9430f3696aa2ba4c4ac5f22
- SHA512
  
  9f891c787eb8ceed30a4e16d8e54208fa9b19f72eeec55b9f12d30dc8b63e5a798a16b1ccc8cea3e986191822c4d37aedb556e534d2eb24e4a02259555d56a2c
- SSDEEP
  
  3072:lScg0xvhTZNIs3Ft+STckCBQo3C0Y22vncTBfsO9jZqMN3cH1Tefqk:lSclI6nTc3BQo3C0YHncTBxvs65
Score

3^/10

discovery
behavioral12
- Target
  
  jre/bin/javaws.exe
- Size
  
  263KB
- MD5
  
  f8211db97bf852c3292c3e9c710c19d9
- SHA1
  
  46dad07779e030d8d1214afe11c4526d9f084051
- SHA256
  
  ecf4307739ca93f1569ce49377a28b31fe1eb0f44b6950dbaafa1925b24c9752
- SHA512
  
  b3e20eeca87136cae77f06e4149e65ebfef71a43589f7e2833008fe43811a2bc8b6202b6adb5ce122a1822e83ce226b833def93a2b161476bd5b623794e4f697
- SSDEEP
  
  6144:Fp9B0qT85g5Sq+VBY2qVLC2wH5rM8HoQvlHO:5uqT85sSq+ERVm2wZEQvlHO
Score

3^/10

discovery
behavioral13
- Target
  
  jre/bin/jawt.dll
- Size
  
  13KB
- MD5
  
  0291ba5765ee11f36c0040b1f6e821fb
- SHA1
  
  ffe1dcf575ccd0374df005e9b01d89f6d7095833
- SHA256
  
  f8540be2bbd5bde7962d2fe4e7ec9ef9bf53d95b48781ae549aa792f10032485
- SHA512
  
  72addc631d8cf064e1b047b51eef7f306ca959d24ed705065c33ee8dddf7ea84b95b3de5b0709015a81d36aca01e15ce99a354d4069d4d798ed128a6a76d1010
- SSDEEP
  
  192:ahKnvndLwm3XLPVlD6yTUZnYe+PjPriT0fwdNJLkoRz:a4j7PVl1TAnYPLr7cLka
Score

3^/10

discovery
behavioral14
- Target
  
  jre/bin/jdwp.dll
- Size
  
  160KB
- MD5
  
  6e08d65f5cbb85e51010f36a84fc181d
- SHA1
  
  4eee8be68baaf6320aea29131a1c0b322f09f087
- SHA256
  
  2d8658909d9e357a4b70fcf862d690eec82a2f77161abb021e0839c6a67d4825
- SHA512
  
  df4494d062e9a8ac82d727d2722dcf32c3fc924fa104f384fa099adb08ecbdeea7a19245d779097c0afcf51f84852328ed595c88380f42bd39560678c8ad9621
- SSDEEP
  
  3072:XrQPwE5tlGsXVomHvD+1febSICzqozXtrQwnNZkB+5:XU15tpX9HvsfrTtMwNWBY
Score

3^/10

discovery
behavioral15
- Target
  
  jre/bin/jfr.dll
- Size
  
  22KB
- MD5
  
  700f5789d2e7b14b2f5de9fdb755762e
- SHA1
  
  f35ede3441d6e5461f507b65b78664a6c425e9ac
- SHA256
  
  d115eaf96bd41c7a46400dcff7ef26ac99e3cf7a55a354855c86bae5c69a895a
- SHA512
  
  664a442dd424ca04ac0ce072b9bbd5ef7c657b59a26403c44a856738f7998466bfe3010825a13451281841d39b0a34d8997ee24497d626ec60c19aa1af0ee465
- SSDEEP
  
  384:YL4Z7lZRiY3PB6cGgOp2m1zq2oatSnPV5zYxkpLfsnYPLr7Ybc:E4PZRiY3PB6cVAebaMnd+ypLkC7Cc
Score

3^/10

discovery
behavioral16
- Target
  
  jre/bin/jfxmedia.dll
- Size
  
  112KB
- MD5
  
  8bc8fe64128f6d79863bc059d9cc0e2e
- SHA1
  
  c1f2018f656d5500acf8fa5c970e51a55004da2e
- SHA256
  
  b77cd78ff90361e7f654983856ee9697fdc68a0f9081c06207b691b0c9af1f5d
- SHA512
  
  6771f23ecf1a449eb6b0b394e0f1d3eb17c973fc0544ba25487c92f215acc234fc31c9b7be5528efd06d29a35bb37dd7934318837576862adfc2631b4d610a24
- SSDEEP
  
  3072:2Cgsy+/cydqNiaZr+lOzZPh7/W4MCnc8Ioaa2yFWcC6vsx/8:FZOzZPh7/WSe+S6v+U
Score

3^/10

discovery
behavioral17
- Target
  
  jre/bin/jfxwebkit.dll
- Size
  
  32.4MB
- MD5
  
  4d857a5fc9ca16d2a67872faccf85d9f
- SHA1
  
  eaeb632e526efa946e4db1b8cfa31de6a7b03219
- SHA256
  
  7ffa7423dda07499394b345e5ece2d54c8e19247e6e76c0e23b5bf1470ab0d7f
- SHA512
  
  8dbc8675ce2dace8d629c3fa66cf65704346ab829ae0b0a1d7b25be22783b7e73624ba70f6d67264d6ca1656d7590e3753a8df2227da45112c5bd4a5654089af
- SSDEEP
  
  393216:VJ8d7SMzwH5R2sdDcBwHHdI4DKRlDsqXCagQZhzvilh2Wlq7ODI:VJ8d7zzUesdDtevn
Score

3^/10

discovery
behavioral18
- Target
  
  jre/bin/jjs.exe
- Size
  
  15KB
- MD5
  
  4f11d43aa2215ce771da528878f01c8e
- SHA1
  
  8062681d73489ff200ca0ba426ff1ff3f44494a7
- SHA256
  
  0d554cd4b373d6d9b9c179a468d179388706c0bde4d878ed75ef575651588b3c
- SHA512
  
  34cb271c32fb479cfaeec536a5d35a41730e90001d67dc9db595db240a1f58c3bf12334bb5cde7673c8e56a4c272bfbd66e4eacdee0082f6fd583e4e039ec540
- SSDEEP
  
  384:GpsE5cnm6ObmSHhV8j0eeq4SziahnYPLr79OOu:Gpszn6iS/8jxeqfhC78Ou
Score

3^/10

discovery
behavioral19
- Target
  
  jre/bin/jli.dll
- Size
  
  155KB
- MD5
  
  73a76ec257bd5574d9db43df2a3bb27f
- SHA1
  
  2c9248eae2f9f5f610f6a1dfd799b0598da00368
- SHA256
  
  8f19b1ba9295f87e701c46cb888222bb7e79c6ee74b09237d3313e174ae0154f
- SHA512
  
  59ecd5fcf35745bdadcdb94456cb51bb7ea305647c164fe73d42e87f226528d1a53ce732f5ec64ce5b4581fa8a17cfbfdc8173e103ae862d6e92eb3ad3638518
- SSDEEP
  
  3072:gLkNbBRaz4rQWiG6wMz9/S3en9pHUw06TBfkqI44:rNbB4Mcnv7z6en9pj06TB6
Score

3^/10

discovery
behavioral20
- Target
  
  jre/bin/jp2iexp.dll
- Size
  
  202KB
- MD5
  
  475dd87198f9c48efb08aab4ade8af5a
- SHA1
  
  9b657e0837639663d4d721f8c5e25401f11e7beb
- SHA256
  
  32764005fcce7d0e51801528f6b68c860979e08d027a5220dfec19b2a8013354
- SHA512
  
  0b492b0fbadc14178a6f79a58e47c30d92b59b18414e38a7b119699d0788acf3713f925cf0ec570be3e29ab26bdb6b567c38526bc0603ba78ecc3e2952ea3e2b
- SSDEEP
  
  6144:ckZ5ktGCru8e6Y3RhNw0mjs+OBS7n7ACKRAHbW:ciIbS6Y37Nw0/QC
Score

3^/10

discovery
behavioral21
- Target
  
  jre/bin/jp2launcher.exe
- Size
  
  80KB
- MD5
  
  5f85f7f2dfac397d642834b61809240f
- SHA1
  
  eca28e8464208fa11ef7df677b741cdd561483d9
- SHA256
  
  b71e00adb77d87882d58993a5888955bdd62c57d364f60aaa0fa19d32a69c9da
- SHA512
  
  2bfe9fce450e57ea93deeaa85a746cb17ba946eeff866f10d67c74f7ea038b16910e0d8ef29e9f358af7daabd45e3983c370fef82a9647546819dcde3aee45bc
- SSDEEP
  
  1536:ez2dfBusTTkMffX+xR5kdt94u+508AqDfJOqsbCkq24maADX:kE5u+kkX+P+dt9O08JJOZXX4nADX
Score

3^/10

discovery
behavioral22
- Target
  
  jre/bin/jp2native.dll
- Size
  
  18KB
- MD5
  
  4023e25f92b5f13e792901bf112a8ea2
- SHA1
  
  31adcd411905832b89ea55dec8b9c83af3c7d3ea
- SHA256
  
  432aedac59fa161fed5a5d95ca5f8cfd1d73a35abe8a7090d137100f727b687b
- SHA512
  
  ad0e6f8071eb09e843989e637baca988dd7706d84fc26db7c2e18bbe03a78a6c5bfe4f1b28289b5929b2b86c53fb6c3dae42523dc8ede8057a8f431aea77bb20
- SSDEEP
  
  384:PTjlu57T5J5eFeYW7TPVlN3B+ASZQ4NNR7F3qnYPLr7om0:PnUd5eFeDfd5Sj7oC7om0
Score

3^/10

discovery
behavioral23
- Target
  
  jre/bin/jp2ssv.dll
- Size
  
  182KB
- MD5
  
  e9373908186d0da1f9ead4d1fdad474b
- SHA1
  
  c835a6b2e833a0743b1e8f6f947cfe5625fe791f
- SHA256
  
  e2fbd6c6334d4765ff8dff5c5fe3df8b50015d0bf9124142748fadb987b492ff
- SHA512
  
  bfdc236d462dac45fd63c112e40558ed4e11e76fb4d713926a679fd573f67fa16451231a03178926b76bd267f092a33a3b6760cf4812de2679bb9505b83f8261
- SSDEEP
  
  3072:XsSFQQB7SGWV2xrkvql6QPJD7mGVqjLypDTaDE5zwmFxy7HglbZrdIG:XJ97PxYAPJ/RV0tDCzw+xy0ldOG
Score

3^/10

discovery
behavioral24
- Target
  
  jre/bin/jpeg.dll
- Size
  
  142KB
- MD5
  
  4294d39cc9e5f23754d41b9dde710112
- SHA1
  
  1baa1e136f18108ab4e31ec005dec54fc3f23a7c
- SHA256
  
  de3eeded01b35dc7c29b0b758211bb1db73ccffb9298d281daf56924ed9e93cb
- SHA512
  
  e88dff129dd35445b32a2dbcab97cf752e9acdf82ff88b184fa6d3b461d55bd2d195794802c5ba5e7effa086dc89e0c2cef0c8b0bfa29ac70b75cfb1b4b0584c
- SSDEEP
  
  3072:S2yRKm4/j/dKLnjHy7OMD+MqS1RYio7+oD33GnUV0fem2M:S2ytqlYnjHehDzqiq+oD33OUV8Vx
Score

3^/10

discovery
behavioral25
- Target
  
  jre/bin/jsdt.dll
- Size
  
  16KB
- MD5
  
  4bdf31d370f8a893a22820a3b291cc1d
- SHA1
  
  bd27656b42f881eee1940cfe15cf84c1938b57ba
- SHA256
  
  c98dfac99cc1e05d5f86b2577031a7624dcc13d0a8344b2855f166335177bc16
- SHA512
  
  51623274c13da71ad01dbad7950444b512f08c3dc04e27f0321df02e9f3c4dfb308def35f58524cccce79ed2a8859d85c16dc0d9bea378e5538e23602d35aa76
- SSDEEP
  
  384:n11I27Bf0jeZy+hiqEyRoPV527rBnYPLr7/U:nrJfYqodYJC78
Score

3^/10

discovery
behavioral26
- Target
  
  jre/bin/jsound.dll
- Size
  
  30KB
- MD5
  
  7bd914407c6d236b27865a8c63147b7f
- SHA1
  
  9b49e48705341d30e3f92b85652e924c7985e415
- SHA256
  
  549849dc910261d817670b192715430395993e811d0fd3103651237d7f18929d
- SHA512
  
  624dc95f696bea311726eafb0017f363c8703b95a2e08de984c642867888cf5b9172326c2e2567ed4a2ea28f806b633840552c80be49eb6cf2a8fc4a0c259117
- SSDEEP
  
  384:mk87qhVj8sqgP7CRLMOPfkGo7UdJs0flkg2uG8RPGHTR5ny5pnYPLr7z:mk87qhVjaMOPJdJFflLJR+V03C7z
Score

3^/10

discovery
behavioral27
- Target
  
  jre/bin/jsoundds.dll
- Size
  
  27KB
- MD5
  
  6280201c1918ea3293919bb282d2b563
- SHA1
  
  3f6f5299a435e2a0c36be8aad4cb2fcaacd0897d
- SHA256
  
  0711127a297e4cc1927d77013fc040caa26930c34a4c7b4d7631bce9c8041b74
- SHA512
  
  a4c4507ed4fdec038fafa62970161e7b75ff9a2abbdf854ed55483144dcdc0fc9d21235fdddf1b38303723f9c615ae388397c4d17b5391d8827a5b40ac52c5fc
- SSDEEP
  
  768:hgWe1DWI+mB7JkJKe3xVF2XNbuHEqe8yIGn3zY9pcQ/oGmEsg0sqkgiHmNs2Qd6X:qWbEK1Ms2dYJG
Score

3^/10

discovery
behavioral28
- Target
  
  jre/bin/kcms.dll
- Size
  
  174KB
- MD5
  
  bf299f73480af97a750492e043d1fadd
- SHA1
  
  c93c4a2dae812f31603e42d70711d3b6822f9e8e
- SHA256
  
  0334e3b7ae677116b92516172d0ca905723daf847d8b3b0dc3fc118edc703d51
- SHA512
  
  7265783f0dd653dbc4693d5efeb156281620c5421f29910f14c22b75a936233e9e897087e64b641335795484837f28f113ee9f380027698a898f19115fd0f648
- SSDEEP
  
  3072:gWosiKTxga2KtpdhEnGF5PNyR0BxDxxKF5HkEWnuYsauj9Fom1QB:3RRKAtpdhEn/0BzwFpvYm0z
Score

3^/10

discovery
behavioral29
- Target
  
  jre/bin/keytool.exe
- Size
  
  15KB
- MD5
  
  9a4cf09834f086568df469e3f670bf07
- SHA1
  
  594c4e0394475a6299c79e3a063c7d5ae49635f3
- SHA256
  
  709e9e544434c52285a72f29ad6b99ce1e7668545f10ad385c87abf34d2052bb
- SHA512
  
  cd551e7944461f3288b880b9d161f19f97eb4599a3a46cc93c4172b5112960fb0c040b9996f13cf0761fb85a283e2f20944135ec59660c807a59b29cddc44586
- SSDEEP
  
  384:Gps45cnQ6DmSHhV8r0eeU4Szi6nYPLr70aG:Gpsnn4S/8rxeUvC7RG
Score

3^/10

discovery
behavioral30
- Target
  
  jre/bin/kinit.exe
- Size
  
  15KB
- MD5
  
  4de6bfe6ea98bc42a5358ed8307107b2
- SHA1
  
  8f687e60784fd9046a361dc1dc85d43051cbd577
- SHA256
  
  7c07d167aa4a23ab64a205301663c87e578ff6b31985df8b51af80ca6999176f
- SHA512
  
  8091aadeacad1dac5191ebb996d1e4be25a19c10a4e76f79ab7ea2a592711fd39aad7e89d7dee09385296aa7a649aabfa7c325c4a627afe1c009c906709edb5a
- SSDEEP
  
  384:Gps45cnk6LlmSHhV8i+ceek4SzS+nYPLr7wd:Gpsnn5AS/8jZek7C7wd
Score

3^/10

discovery
behavioral31
- Target
  
  jre/bin/klist.exe
- Size
  
  15KB
- MD5
  
  ca17b8cbd623477c5d1d334b79890225
- SHA1
  
  2bfc372a28ede40093286cda45003951a2ce424f
- SHA256
  
  a7ac47ac8518e2d53575e12521b3a766a5e2ee4133c6c6ab9ae1c3c6777f5e77
- SHA512
  
  d9ddf3e67b9a4e0197d271243623d4df8a26a35ec2f5195ab316e910e133ba09c70f6d28e7ca69184e4ababcf063c014d7a6e6ea48f82382b316864a945175c5
- SSDEEP
  
  384:GpsJ5cn66FmSHhV8Teeek4SzSgnYPLr7mpB:GpsUngS/8TDekdC7yB
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32