General
-
Target
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513
-
Size
4.9MB
-
Sample
240704-2kljvatbpj
-
MD5
2502f2fb88c1ea569c0b4287ae0613f3
-
SHA1
aae526d8ce17f59366b57d5d00ab5d14140cd6b5
-
SHA256
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513
-
SHA512
7c0e3a6f8322aafa90533bcd2ff5ab2b167ef7c1c8412710c4b3a3b4643cdb0412cf93c561ce1c01a1057643bda336fd3fa64e3a7373d41cc25319d5190ca2d2
-
SSDEEP
49152:HwWM2zE1fkrLilu5l55F+QjEcEAGjz5Ep+8YTpuQynVoj28OBpclaYC4Ihign93:QWlzE1fyLi61kE7piK93
Static task
static1
Behavioral task
behavioral1
Sample
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513.exe
Resource
win7-20240220-en
Malware Config
Extracted
lumma
https://stationacutwo.shop/api
Targets
-
-
Target
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513
-
Size
4.9MB
-
MD5
2502f2fb88c1ea569c0b4287ae0613f3
-
SHA1
aae526d8ce17f59366b57d5d00ab5d14140cd6b5
-
SHA256
6c3496832cdffffedde13f9c75138ee62dd968eaa26bc23e1cbc082e638c3513
-
SHA512
7c0e3a6f8322aafa90533bcd2ff5ab2b167ef7c1c8412710c4b3a3b4643cdb0412cf93c561ce1c01a1057643bda336fd3fa64e3a7373d41cc25319d5190ca2d2
-
SSDEEP
49152:HwWM2zE1fkrLilu5l55F+QjEcEAGjz5Ep+8YTpuQynVoj28OBpclaYC4Ihign93:QWlzE1fyLi61kE7piK93
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-