Overview
General

Target: eb69150e0f3bfc15abea38fdf4df95cf.bin
Size: 10.5MB
Sample: 240624-d49h1szcmq
MD5: 48e42ee92c05a5b3930796b974043797
SHA1: 9b84477525963ad43ca1138945b94fd27685f947
SHA256: b5f9935e0615cfe328feb5a737d7691dd96b202731e0845bdd3226e64ad96123
SHA512: 20fae7f2d95703fda588921398a433af50167b42e892dc64ac4fb815e2d1fdfc0b5f7b0eb25cc0e5436384aad0d38b88a6bcc168373b8cffcfd36ba1faeb1ba3
SSDEEP: 196608:wWFr8VV/0MsUPg1HmDKEhkABVCmhdqMHpe1ArDKEq1ZSRO/dK90QLabt1o5zgW:Vr8VV/0/UPKHs9hkzmhdVpycDKJ1ZIPj
Tasks

Static task: static1
Behavioral task behavioral1: Sample omgsoft.exe, Resource win7-20240508-en
Behavioral task behavioral2: Sample omgsoft.exe, Resource win10v2004-20240508-en
Behavioral task behavioral3: Sample $PLUGINSDIR/JsisPlugins.dll, Resource win7-20240419-en
Behavioral task behavioral4: Sample $PLUGINSDIR/JsisPlugins.dll, Resource win10v2004-20240611-en
Behavioral task behavioral5: Sample $PLUGINSDIR/Midex.dll, Resource win7-20240220-en
Behavioral task behavioral6: Sample $PLUGINSDIR/Midex.dll, Resource win10v2004-20240611-en
Behavioral task behavioral7: Sample $PLUGINSDIR/jsis.dll, Resource win7-20240611-en
Behavioral task behavioral8: Sample $PLUGINSDIR/jsis.dll, Resource win10v2004-20240508-en
Behavioral task behavioral9: Sample $PLUGINSDIR/nsJSON.dll, Resource win7-20240611-en
Behavioral task behavioral10: Sample $PLUGINSDIR/nsJSON.dll, Resource win10v2004-20240508-en
Behavioral task behavioral11: Sample $_106_.dll, Resource win7-20240508-en
Behavioral task behavioral12: Sample $_106_.dll, Resource win10v2004-20240611-en
Malware Config

Extracted family: lumma
Targets

Target: omgsoft.exe
Size: 10.7MB
MD5: 895531f9d849155e054903e7cc466888
SHA1: 4271c3690af27765533a3f1eb30a40d5aebf90bc
SHA256: e60d911f2ef120ed782449f1136c23ddf0c1c81f7479c5ce31ed6dcea6f6adf9
SHA512: 4c72b3d45291da1eb8290f7c6ad89c71d64e48f0e717126f8729efe683558c43439091e444cc0a7f9df09a90241cebabd09153b9578f5c0e79b2ed537cd68674
SSDEEP: 196608:62VEhlCTPpx5v1i7qwDzfAPlqBtC1m4AVEhlCTPpx5v1i7qwDzfAPlqBtC1I:66Ehq1sqwHOld0Ehq1sqwHOldI
Target: $PLUGINSDIR/JsisPlugins.dll
Size: 2.1MB
MD5: a1336353c555c6fd1832a97ee2268579
SHA1: 203b705ef26e1685f2c1613ffa783c1186d64fc6
SHA256: 6a6f53c6fcb1f7cd2506c16f318180b748c52f59fb738f2abbebcfe9bf71238d
SHA512: cdab5cdbe7b26de36b379cc71dfaba16004d76ae6d763dd0a86ecd7e57c756d9d8e3610d93edee400fb02b28421b2fdc1047e9b2e3b290e175bd4910e789e27a
SSDEEP: 49152:XWUF3+DvlxaVlUj2UxF9TWkWbQWxACvRG+OZ1m/I31he2UaIyuK:XtF3+DLaVlUFWkWbQWx1JtOLm/IgaI
Score: 3/10
Target: $PLUGINSDIR/Midex.dll
Size: 126KB
MD5: 8d2c955338825cee8a50a8637c02a82d
SHA1: 7ec598efdaaf3d382c496adb2c4fa26218a17350
SHA256: 4b861cd1b8b47bff1769e63e2b15a1b4ae9ca0dc4d5a3013fb3afc66a1789b76
SHA512: fa2cd1ceeb9a1a3ef83677b7221b263b0303f4cafe3c58f8ef0b56f7b4966c7eb69de0e83db298ee382cd16a44e3cb2fca29893b44517962bcb489c2736745d1
SSDEEP: 3072:xACUTz1JlJmpGB6yK4H9l4o8rr4YlixbSrZKbazGU:xACUTz1JlopG5K4OZgeC
Score: 6/10
Signature: Writes to the Master Boot Record (MBR). Bootkits write to the MBR to gain persistence at a level below the operating system.
Target: $PLUGINSDIR/jsis.dll
Size: 127KB
MD5: 877523e8e5f8eac05f8a90d822b6ff23
SHA1: 412d780a501f2d158f3bcc82011f962e3e87ee1a
SHA256: bec5941a991669b2407a72607ecbfd45daf7d19d11b10d0c850f25a2f22f4486
SHA512: 872a7dce8044fdf4d4489ad55b0428769a1572a22590009074681fcd757432d3723437d421d601ea590452e41761b2691dd4520e184c8af99035644210ae8ef7
SSDEEP: 3072:93Zk9fOAewM0+W8NVH28fB948igEWo8P+fidY:93qNOApM1G8fBpidWZ
Score: 3/10
Target: $PLUGINSDIR/nsJSON.dll
Size: 36KB
MD5: e42450cf5d36102a4ccf290d6a7d2364
SHA1: 94500c2fd8381cdf3e9997bb685ed3ce9024b3d1
SHA256: d3213fa6f49a39db335197eb0c53776a0670780d03859436075d6dac8e7314d0
SHA512: 851ebd3cd3479d1ed3e5b8142a0da92404b27972ec00c1ef748e8d3580da261c56543d345c5f06172b36c293aa28afe7d98a8f7aeb9f0361d1c86e498e21c7eb
SSDEEP: 768:91vTYFHvlhqjbm8oEHB6hC+/3P4LA27bRpuYiBAMxkE:91bYPHqu7EUhL27bTu7Jx
Score: 3/10
Target: $_106_
Size: 6.1MB
MD5: 24df7efa5d08185fd080522229537c26
SHA1: da122637aff6822d5b80ca0e621fc61979908a44
SHA256: cb157b90adbd0990521d4a446f7a10f04162199a7a5d73aa859ce9f116ecf73f
SHA512: 77f07a22b794850cd30a4116ffc7d938ddab2b89a042d3e2c376091055a6d5700f77bc325cf29cdf9850c4dc42d002c4e957b450bb668668b1886fe64130f4e1
SSDEEP: 98304:sTvkQ/nTstrpzpNBcSrMVudcoCL+34a5eB2atknfQJlH7ixiu1aqrqNCwLwKknK:sTvkTLVTAudcoJheBnknfFrqNeKc
Score: 1/10