General
-
Target
s1.exe
-
Size
21.3MB
-
Sample
240704-z4awcazajp
-
MD5
1e02feadcf0565bc636fe2b48580c133
-
SHA1
aee73dc45371a50878556201cb13fce4923bcb47
-
SHA256
34656ef1ee64ca950ce6c85c4b8ca9977febd3f67c990b940cd960860881a634
-
SHA512
99e0aac648e3904b45c35b6bc3ca44af5b461e95f3ce746e8dfd6937e259f3d052847710659f8880642438bfa8197c8800723f32f8efa0e5e3bf261ce62db77a
-
SSDEEP
98304:/V7/kWotzffMGgFsud1ustuSJQozcgO/B8Px3DwGVMbalzWayZ1Ex3kmivUQe0I4:StzffMbsWnQoxucxDwGjXJx0TUD
Static task
static1
Malware Config
Extracted
lumma
https://nobledpcowep.shop/api
Targets
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-