General
Target: 176.113.115.225.ps1
Size: 533KB
Sample: 250127-sbkfratnbt
MD5: eaf7ebe973ee32e26027ba74eb211b0c
SHA1: 29f2261e2a37e97045d000cc1bd0fb614cff9f74
SHA256: 97a191d90077f093ce6e0d472167b36bb648de846098ed494d981c1076d358f5
SHA512: c35bd999fb35a1a28816622cdf743e5d2287b1a5933229d682ac0da1c96a91fc81dcdcd2daeac1e9dff79fc74f1c3af79e044037ff0318d13380addc7067b966
SSDEEP: 12288:ZcTOT1uStOOovc4mkab9NY+2GyKKIoKUOwFL9:ZcTPStkvcVZT2GyQoKUOwFL9
Static task: static1
Behavioral task: behavioral1
Sample: 176.113.115.225.ps1
Resource: win7-20241010-en
Malware Config
Extracted
lumma
https://toppyneedus.biz/api
Targets
Target: 176.113.115.225.ps1
Lumma family
Suspicious use of SetThreadContext