Analysis
-
max time kernel
45s -
max time network
50s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system -
submitted
16-01-2023 07:08
Static task
static1
Behavioral task
behavioral1
Sample
d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d.exe
Resource
win7-20220901-en
windows7-x64
3 signatures
150 seconds
General
-
Target
d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d.exe
-
Size
276KB
-
MD5
930f2ceba3c8821110756aa19b395676
-
SHA1
d2430e3e8dc6c193a90ef93da218c10f830e4395
-
SHA256
d21f82a8a0b55f753ba26a19444c5364a2b21d8451fcde32f659f57476fc399d
-
SHA512
dc6d093585e171ca366863cce09722e71e3718c8bab6d4432f92ccea6c926191bfbf5a0b7eb570189e070c4c8ca962a504e02f04661d6e3703efa642bec980d7
-
SSDEEP
6144:O6o0eLFcKPqdWge8I9h/e8DVr+HJYloDU4zqQna:O6o55cQqoF8ILRr+HJYloDFP
Malware Config
Extracted
Family
lumma
C2
77.73.134.68
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
Processes
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1808-56-0x0000000000400000-0x000000000044B000-memory.dmpFilesize
300KB
-
memory/1808-55-0x0000000000220000-0x000000000024A000-memory.dmpFilesize
168KB
-
memory/1808-54-0x00000000005BE000-0x00000000005D8000-memory.dmpFilesize
104KB
-
memory/1808-57-0x0000000075AC1000-0x0000000075AC3000-memory.dmpFilesize
8KB
-
memory/1808-58-0x00000000005BE000-0x00000000005D8000-memory.dmpFilesize
104KB
-
memory/1808-59-0x0000000000400000-0x000000000044B000-memory.dmpFilesize
300KB