General
-
Target
cb0115723aafc140ff90329b58d1c24fadba10e366ee0972b565c973662b95efN
-
Size
3.1MB
-
Sample
250113-cbazbazmez
-
MD5
8483febc34d0b275b35727486f11c400
-
SHA1
6450210de1390361ede70a64ffad70909aba9f92
-
SHA256
cb0115723aafc140ff90329b58d1c24fadba10e366ee0972b565c973662b95ef
-
SHA512
e9355a983a022945b8c10133683753a8ad9639daae9b48662ed1bec5e5fd8d192d515b0bb059f92ef0fab43bb77a1164a9fbb358f731ad69da2b47264d3d315e
-
SSDEEP
49152:CMKO1on9iWK6q/C3luTg5Iokb7yfFTW8ibDw348JKVi+KmD6gAGbnwF:C01Zb6qwuoIpb73Fb84oKzJAG
Static task
static1
Behavioral task
behavioral1
Sample
cb0115723aafc140ff90329b58d1c24fadba10e366ee0972b565c973662b95efN.exe
Resource
win7-20240903-en
Malware Config
Extracted
lumma
https://showpanicke.shop/api
Targets
-
-
Target
cb0115723aafc140ff90329b58d1c24fadba10e366ee0972b565c973662b95efN
-
Lumma family
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-