General
- Target: Setup.exe
- Size: 35.4MB
- Sample: 240704-k1b7nstbrj
- MD5: d093685e6b91fc6147052af9dee16bbf
- SHA1: 689da37e0f0cfffb50ca590a03e3d3687226d50f
- SHA256: 8ba9adaf89214c5f87f5bfd5bf1b6db6e688b5bb2bf61816e7b62c64f90a5c2f
- SHA512: 19386bd61b8e4d500cf9098f97af9c46e55da98ca80e6e199ec0d1f7b012d3fe007cbb19420093caf264126c90fa63698a926949576985d3ffdd51d97a100257
- SSDEEP: 196608:J4sY1sHqQwiBmEIz9o0bUVqnP1Cw2MqGJ/3pnOsS0pu0Fdj6G7:JE1sGbEIn9eqvOt0pu0Pj6G7
Static task: static1
Behavioral task: behavioral1 (Sample: Setup.exe; Resource: win7-20240419-en)
Behavioral task: behavioral2 (Sample: Setup.exe; Resource: win10-20240404-en)
Behavioral task: behavioral3 (Sample: Setup.exe; Resource: win10v2004-20240508-en)
Behavioral task: behavioral4 (Sample: Setup.exe; Resource: win11-20240419-en)
Malware Config
Extracted
lumma
https://radiationnopp.shop/api
Targets
- Target: Setup.exe
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext