General
Target: tiktok_v37.8.5_premium_mod_apk.7z
Size: 17.3MB
Sample: 250111-pcwzds1pen
MD5: fdfcc4dad425b371fbf5a7a656079e31
SHA1: cfff4a729c73969b246efd1aa4f6a35fdbe9d4ed
SHA256: 7e81255c0d2ea93e2be6fbbfd72def095dcdb2d49e70084567e8374ab35b4c3d
SHA512: 0523dea6099d2310a28c79c82e758c9713cfa07ae8146b395dc762bb9f1d9b7db39723a22490ae268ebe1ce19a9ce6cdb98981ab20b3135772943fe58d7fe7a2
SSDEEP: 393216:3DoGtbjZwgLL6LsvOGjcS1L4Qkv8u+Bs7gBOdrK5lb:3Rv9vxjceMWs0Bj5p
Static task: static1
Behavioral task: behavioral1 (sample appFile.exe, resource win10ltsc2021-20241211-en)
Behavioral task: behavioral2 (sample appFile.exe, resource win11-20241007-en)
Malware Config
Extracted: lumma
https://goldyhanders.cyou/api
Targets
Target: appFile.exe
Size: 791.2MB
MD5: 82686e0955d4f95f17aed722c193b2b0
SHA1: 8670a7d38ffa8949f43765810352e3345fc9b06c
SHA256: b599b90fbdbcb848845f27909f7cb450ef803aa381c6ecf208583514dfdb8197
SHA512: a9fd5a230befd1fc634ccd31aa0a9ae1517f1e5ca112e8083f82753c1e0a777a7e51d876cb2b22536ab57d354e8a543bd384182e71385542a76d8f7fedf429b0
SSDEEP: 393216:niq6P6wKHS/WIueH446OQWlY9D056oJtIu+ue+I0lH8GxKOJ2x+rJvgtAFuUzY:cPsiHhAtiKOubGY
Lumma family
Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
Executes dropped EXE
Enumerates processes with tasklist