General

  • Target

    Exloader.zip

  • Size

    5.0MB


Score
10/10

Malware Config

Extracted

Family

lumma

C2


Signatures

  • Lumma family
  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • Exloader.zip
    .zip

    Password: 1212

  • Exloader/7zxa.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Exloader/Data/MimeKit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Exloader/Data/System.Buffers.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Exloader/RarExt.dll
    .dll windows:4 windows x86 arch:x86

    758166a67af3f26c40fb965e9c353305



  • Exloader/exland_setup_v3.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Exloader/psmachine_arm.dll
    .dll windows:6 windows x64 arch:x64

    0d020021ac625359d87472ba570135e4

