General
-
Target
!ŞetUp_51286--#PaSꞨKḙy#$$.zip
-
Size
4.1MB
-
Sample
240704-yarfkaxeke
-
MD5
12e1b33c544e30e8924c46ba16fe3e79
-
SHA1
9aba5f5b34535e902672a48eac3b21b036529fdd
-
SHA256
0f94f6a5c219c17ba7c1c5d9be967e576c7a8f0e097a14706b13feed3aaafe7d
-
SHA512
a1455b3cae107be0557122ff92cd59deb97415ea503c2fa13431566ea957ab2a43a4b8a6c46f73ec5b6b1cc33d9f48199c0c496c604f4aa8b80f9b7dd800ef13
-
SSDEEP
98304:wHbApCD1dRk71DN18tpXL8Ut2UVWf99lW4gCb3Fk3:w8w1YDaHt2XVcYFE
Static task
static1
Behavioral task
behavioral1
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
Resource
win11-20240508-en
Malware Config
Extracted
lumma
https://unwielldyzpwo.shop/api
Targets
-
-
Target
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
-
Size
1.1MB
-
MD5
f975a2d83d63a473fa2fc5206b66bb79
-
SHA1
e49d21f112ab27ae0953aff30ae122440cf164b9
-
SHA256
6a2d3876003f6c68f824df4f0033564d8c230716908ba2e6c06ea1dd6d5f98e8
-
SHA512
4af4ce56bf131432d488ed112f8858c1e1392d013c6ac0603f2fd70ed513091e35854c0f678efeab7fa9a551517c6b9698f40a92729112de4b852fa3c0c69d64
-
SSDEEP
12288:IbCylcTVPbi7vT1K7n6HpVkg8KHIo5u0K1VmMxEnbuvuY2jTU+LHMA+nk2oG1ts:4lcTVPbikTMkg8KH/mmMxnvfphx8
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Downloads MZ/PE file
-
Suspicious use of SetThreadContext
-