General
-
Target
go-hacks.exe
-
Size
1.2MB
-
Sample
250630-ychlfavjw4
-
MD5
e43ba4f8b9580b247bf8eb0efa0e24e1
-
SHA1
f01b185123a11f28601a011ff1fcb445163a322c
-
SHA256
6a9e5bedbb775cd138a42abe9d3b2dce268252b76732a9bf120fa740df377e4e
-
SHA512
842f74d897e68bbebef288ef0bbdc14a43e4d81999620e80f93d7a298ede5ee2b9cf504442d079a97d5243c18f38f9bb8e45e22841282bdfcfbfad3f18f1e77b
-
SSDEEP
24576:HuE0Vsb8ImfhYaOVe07lID3aOVe07lID:OPVC8phHO575O57
Static task
static1
Behavioral task
behavioral1
Sample
go-hacks.exe
Resource
win10v2004-20250610-en
Malware Config
Extracted
lumma
-
build_id
1f9f3331e63b0e3ffa2680d9ebda44d1ee22e3a0f1cf912e1f
Targets
-
-
Target
go-hacks.exe
-
Lumma family
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-