General
Target: 240629-ye94gaxgmk_pw_infected.zip
Size: 431KB
Sample: 240629-yx967aycmn
MD5: 37b5945a94f04f36b73639292c8949cc
SHA1: 240c1014adcf8eed1f79ced59f9405b9ee58d446
SHA256: 3ac252519b834b39fc3c97eb7810889df601dc72d702ff8eadf294943184eee2
SHA512: 0d0cd68be7879f4e3d7ad0c3cc13f263f30aeb85c400ba8a4e6c7507b1e38bf47ac72fe856c5fcba139ddbfe7763987ad493dab535edcd1eb44b3b4d54079b5e
SSDEEP: 12288:17Ms9OVcgXRnht4foAcsaxB1ENLdQWWSVRHku:47n8frc11OJJf

Static task: static1
Behavioral task: behavioral1
Sample: Gtool.exe
Resource: win7-20240611-en

Malware Config
Extracted: lumma
https://piedsiggnycliquieaw.shop/api
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://contintnetksows.shop/api
https://reinforcedirectorywd.shop/api

Targets
Target: Gtool.exe
Size: 526KB
MD5: 25d66863ae6b40666fe4ea3031c00957
SHA1: 07408d2073032c8fa07a1e3f1613274039183ef9
SHA256: ffeabd18beabd0c0090ca6ff166e7f724ee80c120c602e46a4ce2e427887b762
SHA512: 03644f6de2da25939ec5b460f90d052718fce40f84d2d75788836a02d20f3352e967b6df80ddfd8b858f11af9ff9c08be419373f903063ee1aeb9a58385892a8
SSDEEP: 12288:PnUB23lHRG/X5maWsBZUXHgBEDwAW8WrlrpQy7lQ:PUE1H2JmaWs0CeFmZ
Suspicious use of SetThreadContext