General

Target: Installer 32x 64x.7z
Size: 424KB
Sample: 240704-qdv9xsxcpr
MD5: b1ee3243023cae39c7af54c24307f3ff
SHA1: 8f62fb32846e3711d97b0ed28730e75508fb3ef5
SHA256: 529d5a0687df16154b93236117d4fad1da9556b6570d9373733b3f6d0339d2d6
SHA512: 65bc557bcf115c2e0253c93703c6ba3f226cf68c5a4e7e7ff22b2a0e39c1b7ef8062ad752fbe9eeda9339c30261070157af75ac19c89057903a45c72892bb6f7
SSDEEP: 12288:0eRHSWrwOUokLbDvySQge+8LGOk2/eVD1/l:4HokLbDvP3LhOk2/e1dl

Static task: static1
Malware Config

Extracted
Family: lumma
C2: https://groundsmooors.shop/api
Targets

Target: Installer 32x 64x.exe (the executable unpacked from the archive above)
Size: 127.5MB (roughly 300 times the size of the 424KB archive it came from; a ratio that large is characteristic of a binary inflated with highly compressible filler to push it past AV and sandbox upload limits)
MD5: 3edcd74e544d3975a1cdc99f0fcdcf40
SHA1: f30ff6bcfb73cbb15935f5c00d74fd4412517464
SHA256: 22c1e8e0c7938637e2cb084b4a4421640ed4ff21e562fda1e34b98032e74ede7
SHA512: 18b37263d6338007407c7a3ce84689738f00335621e2738c2ba8a0e5e06f80030be46f23f437c2eed4e88d167f4a3ffaeb93990a8e4be47c00beded79c2341a9
SSDEEP: 12288:W5ATYAP7BBRUokLnxgmSQ/ol8SHOC2/PzD1Aq2:YcDB0okLnxgTAWtOC2/PXs

Signatures

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry (SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, including the WOW6432Node view) to enumerate software on the system.

Suspicious use of SetThreadContext
Typically used to redirect a suspended thread's execution to injected code, as in process hollowing.
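The archive-to-executable size ratio in this report is the kind of thing worth checking mechanically before trusting a file hash: a padded sample gets a fresh hash every time the attacker changes the filler, while the code underneath is unchanged. The script below is an added example for this page, not part of the sandbox output. It measures how compressible a blob is, finds a trailing run of one repeated byte, and hashes the body with that run removed. The 1 MiB threshold, the function names and the constructed SAMPLE (pseudo-random bytes followed by NUL filler, standing in for the real executable, which is not embedded here) are all assumptions of the example.

```python
"""Spot an inflated (padded) sample and hash the body underneath the padding.

Added example for this report; not part of the sandbox output. SAMPLE below is a
constructed stand-in for the real executable.
"""
import hashlib
import random
import zlib
from math import log2


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty input, close to 8.0 for random data."""
    n = len(data)
    if n == 0:
        return 0.0
    counts = (data.count(bytes([v])) for v in range(256))
    return -sum((c / n) * log2(c / n) for c in counts if c)


def trailing_run(data: bytes) -> tuple[int, int]:
    """Length of the run of one repeated byte value at the end of data, and that value
    (-1 for empty input)."""
    if not data:
        return 0, -1
    last = data[-1]
    stripped = data.rstrip(bytes([last]))
    return len(data) - len(stripped), last


def inflation_report(data: bytes, min_pad: int = 1 << 20) -> dict:
    """Describe how much of data is filler and hash the sample with the filler removed.

    min_pad: a trailing run shorter than this (default 1 MiB, an assumed threshold)
    is treated as ordinary alignment or overlay, not deliberate inflation.
    """
    run, value = trailing_run(data)
    padded = run >= min_pad
    body = data[: len(data) - run] if padded else data
    compressed = len(zlib.compress(data, 6))
    return {
        "size": len(data),
        "compressed_size": compressed,
        # zlib is a proxy for what 7z achieves; large ratios mean mostly filler
        "compression_ratio": round(len(data) / compressed, 1) if compressed else 0.0,
        "entropy_bits_per_byte": round(shannon_entropy(data), 2),
        "trailing_pad_bytes": run,
        "pad_byte": value,
        "padded": padded,
        "sha256_full": hashlib.sha256(data).hexdigest(),
        # stable across re-padded variants of the same payload
        "sha256_stripped": hashlib.sha256(body).hexdigest(),
    }


def report_file(path: str) -> dict:
    """Run the check against a file on disk, e.g. the unpacked 'Installer 32x 64x.exe'."""
    with open(path, "rb") as fh:
        return inflation_report(fh.read())


# Constructed stand-in: 64 KiB of deterministic pseudo-random "code" followed by
# 2 MiB of NUL filler, mimicking a zero-padded executable.
_rng = random.Random(20240704)
BODY = _rng.randbytes(64 * 1024)
SAMPLE = BODY + b"\x00" * (2 * 1024 * 1024)


if __name__ == "__main__":
    for key, val in inflation_report(SAMPLE).items():
        print(f"{key}: {val}")
```

On a real padded sample, sha256_stripped is the value worth pivoting on in threat-intel lookups, since re-padding the same payload changes sha256_full but not the stripped hash. Filler is not always trailing NULs; if trailing_pad_bytes is small but compression_ratio is still very high, inspect the PE sections and overlay by hand.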