Analysis
max time kernel: 140s
max time network: 106s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 13-03-2023 07:42
Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20230220-en
3 signatures
150 seconds
General
Target: tmp.exe
Size: 6.4MB
MD5: 4e86343c81e09b6079449183a5289d08
SHA1: d1678ca572eebed0cd392ff1cd0cccacdce2067d
SHA256: 0b56823bf4d3e3b17518c147ad4d520d34b2c648111730cd83f123948d8f0ab4
SHA512: e2260ae32d333c898fd3dfbb32d2f5dda0ab390258fe813fc24f00b4ce09554644632ea653f78b59ba35b96f9e8c4c60de9fa0ae64f1cc5b8ac7df2bbc5ee793
SSDEEP: 98304:dqjNw+IVoIjhBx2oyyl210HL3MMOT0Rsoo82Pb0VKq0:ETIVoIjhBg10HTMD5MVK3
Malware Config
Extracted
Family: lumma
C2: 82.118.23.50
Signatures
Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.
Accesses cryptocurrency files/wallets, possible credential harvesting (2 TTPs)
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
memory/1372-56-0x0000000029DD0000-0x0000000029E37000-memory.dmp (Filesize: 412KB)
memory/1372-55-0x0000000029DD0000-0x0000000029E37000-memory.dmp (Filesize: 412KB)
memory/1372-57-0x0000000029DD0000-0x0000000029E37000-memory.dmp (Filesize: 412KB)
memory/1372-58-0x0000000000400000-0x0000000000A67000-memory.dmp (Filesize: 6.4MB)
memory/1372-59-0x0000000029DD0000-0x0000000029E37000-memory.dmp (Filesize: 412KB)