General
-
Target
πΊπ¬π»πΌπ·.exe
-
Size
1.1MB
-
Sample
250704-xp3ayadk81
-
MD5
c4f480797d490445b330c449e74c71e3
-
SHA1
63fd7fa1d14f4e971ac6f9b48c0426c45e89b267
-
SHA256
0746bb80d0d6493390cf482becae8c7908922825ab2fdb306f82e2aa4ef11895
-
SHA512
51564fde65865d5672c1439b9aa15dac24e3504df875e30783d08c7daf1b8e552d014a53e751247934b6f85257c0c9a1030469f9482cec7e628fb6097976233e
-
SSDEEP
24576:r0aclh1X8x4TS8jTEJXRiAS1uoaJoZ8s8v65eu6Rn7pNb:r4DoJhiFoJo/8yQuEn
Static task
static1
Behavioral task
behavioral1
Sample
πΊπ¬π»πΌπ·.exe
Resource
win10ltsc2021-20250619-en
Malware Config
Extracted
lumma
-
build_id
87d6d96b7dff409b5339f2d55997fc666193
Targets
-
-
Target
πΊπ¬π»πΌπ·.exe
-
Size
1.1MB
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-