ScreenShot
| Created | 2024.09.22 18:12 | Machine | s1_win7_x6403 |
| Filename | LummaC222222.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | |||
| md5 | 49ac2a0a553de507388c97455531588b | ||
| sha256 | 1a97c9063e9a48951bb69d005bfde0e9e08e990dd54c6324521974ac41af859f | ||
| ssdeep | 6144:yEIbJdhhk012D9kEsrwRdvwoShfvM4MH0RoeAcGho33vXvIKgI5TdFaA51TIrxLS:yEIbJvhk0azddWtyA51C09ssEN8mhGfE | ||
| imphash | 8a08f05f951e29daf72a243fb2aa4e67 | ||
| impfuzzy | 24:fZ47kFk/7YLO317u4wxGTCqvEQ4Ei3MUkH:fZ4YFk/7Y6317+ZQ8G | ||
Network IP location
Signature (0cnts)
| Level | Description |
|---|
Rules (3cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
USER32.dll
0x44e6ac CloseClipboard
0x44e6b0 GetClipboardData
0x44e6b4 GetDC
0x44e6b8 GetInputState
0x44e6bc GetSystemMetrics
0x44e6c0 GetWindowLongW
0x44e6c4 OpenClipboard
0x44e6c8 ReleaseDC
KERNEL32.dll
0x44e6d0 CopyFileW
0x44e6d4 ExitProcess
0x44e6d8 GetCommandLineW
0x44e6dc GetCurrentProcessId
0x44e6e0 GetCurrentThreadId
0x44e6e4 GetLogicalDrives
0x44e6e8 GetSystemDirectoryW
0x44e6ec GlobalLock
0x44e6f0 GlobalUnlock
ole32.dll
0x44e6f8 CoCreateInstance
0x44e6fc CoInitialize
0x44e700 CoInitializeSecurity
0x44e704 CoSetProxyBlanket
0x44e708 CoUninitialize
OLEAUT32.dll
0x44e710 SysAllocString
0x44e714 SysFreeString
0x44e718 SysStringLen
0x44e71c VariantClear
0x44e720 VariantInit
GDI32.dll
0x44e728 BitBlt
0x44e72c CreateCompatibleBitmap
0x44e730 CreateCompatibleDC
0x44e734 DeleteDC
0x44e738 DeleteObject
0x44e73c GetCurrentObject
0x44e740 GetDIBits
0x44e744 GetObjectW
0x44e748 SelectObject
0x44e74c StretchBlt
EAT(Export Address Table) is none
USER32.dll
0x44e6ac CloseClipboard
0x44e6b0 GetClipboardData
0x44e6b4 GetDC
0x44e6b8 GetInputState
0x44e6bc GetSystemMetrics
0x44e6c0 GetWindowLongW
0x44e6c4 OpenClipboard
0x44e6c8 ReleaseDC
KERNEL32.dll
0x44e6d0 CopyFileW
0x44e6d4 ExitProcess
0x44e6d8 GetCommandLineW
0x44e6dc GetCurrentProcessId
0x44e6e0 GetCurrentThreadId
0x44e6e4 GetLogicalDrives
0x44e6e8 GetSystemDirectoryW
0x44e6ec GlobalLock
0x44e6f0 GlobalUnlock
ole32.dll
0x44e6f8 CoCreateInstance
0x44e6fc CoInitialize
0x44e700 CoInitializeSecurity
0x44e704 CoSetProxyBlanket
0x44e708 CoUninitialize
OLEAUT32.dll
0x44e710 SysAllocString
0x44e714 SysFreeString
0x44e718 SysStringLen
0x44e71c VariantClear
0x44e720 VariantInit
GDI32.dll
0x44e728 BitBlt
0x44e72c CreateCompatibleBitmap
0x44e730 CreateCompatibleDC
0x44e734 DeleteDC
0x44e738 DeleteObject
0x44e73c GetCurrentObject
0x44e740 GetDIBits
0x44e744 GetObjectW
0x44e748 SelectObject
0x44e74c StretchBlt
EAT(Export Address Table) is none