Overview
Task scores (out of 10)
overview: 10
static: 3
Setup.exe (windows10-2004-x64): 10
Setup.exe (windows11-21h2-x64): 10
$TEMP/Anytime.dot (windows10-2004-x64): 1
$TEMP/Anytime.dot (windows11-21h2-x64): 1
$TEMP/Attitude.dot (windows10-2004-x64): 1
$TEMP/Attitude.dot (windows11-21h2-x64): 1
$TEMP/Color.dot (windows10-2004-x64): 1
$TEMP/Color.dot (windows11-21h2-x64): 1
$TEMP/Cons...es.dot (windows10-2004-x64): 1
$TEMP/Cons...es.dot (windows11-21h2-x64): 1
$TEMP/Entitled.dot (windows10-2004-x64): 1
$TEMP/Entitled.dot (windows11-21h2-x64): 1
$TEMP/Pleased.dot (windows10-2004-x64): 1
$TEMP/Pleased.dot (windows11-21h2-x64): 1
$TEMP/Richardson.dot (windows10-2004-x64): 1
$TEMP/Richardson.dot (windows11-21h2-x64): 1
$TEMP/Submitting.dot (windows10-2004-x64): 1
$TEMP/Submitting.dot (windows11-21h2-x64): 1
$TEMP/Turning.dot (windows10-2004-x64): 1
$TEMP/Turning.dot (windows11-21h2-x64): 1
General
-
Target
Setup.exe
-
Size
1.1MB
-
Sample
250701-f1tdqs1tew
-
MD5
5e80f3a191aae0fb63a1a0c6d8d781bb
-
SHA1
2083c8270cc0270cc2d2de1858fc38f5e9d09f9e
-
SHA256
240bce5a0d11df228597503ac7070f5f54cb40b71a8d1ed7f3de3d97dafacd47
-
SHA512
7e2601c6fc8e0642a2e405d39988d980c8a83c0d31b352e4b48525d73b67cf0582b4a77a80cc046717cf32a8d5f7b0a7ae2ec304dade1f6c769573ae3b08c0d8
-
SSDEEP
24576:O0adjo4mkZ7hDsijX4nq9wrQ9c5qAoKtzi2T9pgLbHcjXDFyMZI0Q2Myk81:OXU4p7hLjonq9RcVVBjpqbHczDS2n
Static task: static1
Behavioral tasks (task: sample, resource)
behavioral1: Setup.exe, win10v2004-20250619-en
behavioral2: Setup.exe, win11-20250619-en
behavioral3: $TEMP/Anytime.dot, win10v2004-20250619-en
behavioral4: $TEMP/Anytime.dot, win11-20250619-en
behavioral5: $TEMP/Attitude.dot, win10v2004-20250610-en
behavioral6: $TEMP/Attitude.dot, win11-20250610-en
behavioral7: $TEMP/Color.dot, win10v2004-20250610-en
behavioral8: $TEMP/Color.dot, win11-20250619-en
behavioral9: $TEMP/Consequences.dot, win10v2004-20250619-en
behavioral10: $TEMP/Consequences.dot, win11-20250619-en
behavioral11: $TEMP/Entitled.dot, win10v2004-20250610-en
behavioral12: $TEMP/Entitled.dot, win11-20250619-en
behavioral13: $TEMP/Pleased.dot, win10v2004-20250619-en
behavioral14: $TEMP/Pleased.dot, win11-20250610-en
behavioral15: $TEMP/Richardson.dot, win10v2004-20250502-en
behavioral16: $TEMP/Richardson.dot, win11-20250619-en
behavioral17: $TEMP/Submitting.dot, win10v2004-20250610-en
behavioral18: $TEMP/Submitting.dot, win11-20250610-en
behavioral19: $TEMP/Turning.dot, win10v2004-20250619-en
behavioral20: $TEMP/Turning.dot, win11-20250619-en
Malware Config
Extracted
lumma
-
build_id
f020fca5b284e3026ebd4807041a821b354185
Targets
-
-
Target
Setup.exe
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Enumerates processes with tasklist
-
-
-
Target
$TEMP/Anytime.dot
-
Size
54KB
Score 1/10
-
-
Target
$TEMP/Attitude.dot
-
Size
63KB
Score 1/10
-
-
Target
$TEMP/Color.dot
-
Size
61KB
Score 1/10
-
-
Target
$TEMP/Consequences.dot
-
Size
87KB
Score 1/10
-
-
Target
$TEMP/Entitled.dot
-
Size
8KB
Score 1/10
-
-
Target
$TEMP/Pleased.dot
-
Size
68KB
Score 1/10
-
-
Target
$TEMP/Richardson.dot
-
Size
86KB
Score 1/10
-
-
Target
$TEMP/Submitting.dot
-
Size
53KB
Score 1/10
-
-
Target
$TEMP/Turning.dot
-
Size
70KB
Score 1/10