General
-
Target
APEX.SOFT.exe
-
Size
508KB
-
Sample
240703-ehk4zazgnp
-
MD5
e4d7aef4ec6eaf942d19da341d6ed9c7
-
SHA1
ef3dc3479f354e9183ee94a60884062efe411e12
-
SHA256
272c4bc4d48bc71cd16b0903886f906ee27cdbef44305e2f4b8d30ef32bd1d0f
-
SHA512
7af0b1faf7677a442bfc6e358d769ee5b7866b034056d24df8410c865030febe67ad1e7f33a4602259e1a5dd0eca4fc3bdf777aa22037eab57aee9aa273f319b
-
SSDEEP
12288:xqs5NgWCvNWmeDI7VBD4fgBNheXXWAM1vYajEjSR:xTmWCwPDyDOgBNhQXWAczAjS
Static task
static1
Behavioral task
behavioral1
Sample
APEX.SOFT.exe
Resource
win10-20240611-en
Behavioral task
behavioral2
Sample
APEX.SOFT.exe
Resource
win11-20240419-en
Malware Config
Extracted
lumma
https://groundsmooors.shop/api
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://contintnetksows.shop/api
https://reinforcedirectorywd.shop/api
Targets
-
-
Target
APEX.SOFT.exe
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-