General
-
Target
ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
-
Size
7.7MB
-
Sample
240704-2q1kyswdmd
-
MD5
2bc0db539a8fab08bf4104eb7f2de7e7
-
SHA1
ff4a5defedb18c93ef815434b40e19b9452ca410
-
SHA256
ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
-
SHA512
ffaeb6c876d2aeda75b6576d2b307964a7b5330a0ab73352a4c95ef18ac3b1b1bfff350805553833a754582ed54215337c376bce0abd44c117b5d8a0e1468d71
-
SSDEEP
49152:P8FC9tZ1LK9QkVNdZEOto3XOREES2CG9LlPJHzPihufFRDiLYDEwjB5EtC0D4DAh:UuG9QcnhnLxHmhYFBEtCHi1mK
Static task
static1
Behavioral task
behavioral1
Sample
ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04.exe
Resource
win7-20240704-en
Malware Config
Extracted
lumma
https://potterryisiw.shop/api
Targets
-
-
Target
ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
-
Size
7.7MB
-
MD5
2bc0db539a8fab08bf4104eb7f2de7e7
-
SHA1
ff4a5defedb18c93ef815434b40e19b9452ca410
-
SHA256
ec84ec11567566db3ba9096df164f0b7a8217d50ffab16fa3642f8f12d759b04
-
SHA512
ffaeb6c876d2aeda75b6576d2b307964a7b5330a0ab73352a4c95ef18ac3b1b1bfff350805553833a754582ed54215337c376bce0abd44c117b5d8a0e1468d71
-
SSDEEP
49152:P8FC9tZ1LK9QkVNdZEOto3XOREES2CG9LlPJHzPihufFRDiLYDEwjB5EtC0D4DAh:UuG9QcnhnLxHmhYFBEtCHi1mK
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-