Analysis
max time kernel: 94s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03-07-2024 01:04
Static task
static1
Behavioral task
behavioral1
Sample
0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09.exe
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
General
Target: 0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09.exe
Size: 573KB
MD5: 4d73427dc0b9f3dc4b846ace0ddc2deb
SHA1: 43b8ffa09826c21676d759c0f3dc2088c4df4efe
SHA256: 0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09
SHA512: b66b5b2beeec4174ff9f644b105c10e757e18211a55b7c5b5d9ed9745c0cdc191f7c427d00518cab63427d92d9122922de92db3d448a6ef347f5c5e778d5067f
SSDEEP: 12288:GGbKDjKEJZALcCAgqW++rNWq3nmK6JqpJjAsE:G1K8Z4cCPqW+kAqrjjjAx
Malware Config
Extracted
Family: lumma
C2:
https://contintnetksows.shop/api
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://reinforcedirectorywd.shop/api
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09.exe
pid process
2520 0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09.exe
2520 0d7b87b394b0620f352a3dd9391b202ff85c2659a007b74caf11799fc51e1e09.exe