General
-
Target
08052025_0719_wint33infuuuuu.exe
-
Size
343KB
-
Sample
250508-h5jq7syzet
-
MD5
755b00c2b91ce96e39689359cb607154
-
SHA1
4a3e0e53c76391d99249af4c2eb8a188304827d2
-
SHA256
d234396bf3e096411b361b700db2ac6daeb640e705d9bd283b83927085a8d913
-
SHA512
c4e428da3457a0308bc8c7b7cfdad619660eef3ea26237930eb7d5c8eae8b26b272c6ce08df052df27fa953fbe3227f83a0860bb256025e62f44cb0e0c8ee756
-
SSDEEP
6144:rISEive+GxW/egLLpQo3Sy3+XllR9D16VZe0he7wdnFk/sJCq2pTHiGQy:rIRJ+mweo9QO+1lQne8e7uFk/sqC
Malware Config
Extracted
lumma
https://firstezkpg.run/riow
https://aorjinalecza.net/lxaz
https://eczakozmetik.net/qop
https://orijinalecza.org/jub
https://tortoisgfe.top/paxk
https://eczamedikal.org/vax
https://orijinalecza.net/kazd
https://medicalbitkisel.net/juj
https://snakejh.top/adsk
Targets
-
-
Target
08052025_0719_wint33infuuuuu.exe
-
Size
343KB
-
MD5
755b00c2b91ce96e39689359cb607154
-
SHA1
4a3e0e53c76391d99249af4c2eb8a188304827d2
-
SHA256
d234396bf3e096411b361b700db2ac6daeb640e705d9bd283b83927085a8d913
-
SHA512
c4e428da3457a0308bc8c7b7cfdad619660eef3ea26237930eb7d5c8eae8b26b272c6ce08df052df27fa953fbe3227f83a0860bb256025e62f44cb0e0c8ee756
-
SSDEEP
6144:rISEive+GxW/egLLpQo3Sy3+XllR9D16VZe0he7wdnFk/sJCq2pTHiGQy:rIRJ+mweo9QO+1lQne8e7uFk/sqC
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-