Analysis
- max time kernel: 142s
- max time network: 130s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 13-03-2023 07:42
Static task: static1
Behavioral task: behavioral1
- Sample: tmp.exe
- Resource: win7-20230220-en
- windows7-x64
- 3 signatures
- 150 seconds
General
- Target: tmp.exe
- Size: 6.4MB
- MD5: 4e86343c81e09b6079449183a5289d08
- SHA1: d1678ca572eebed0cd392ff1cd0cccacdce2067d
- SHA256: 0b56823bf4d3e3b17518c147ad4d520d34b2c648111730cd83f123948d8f0ab4
- SHA512: e2260ae32d333c898fd3dfbb32d2f5dda0ab390258fe813fc24f00b4ce09554644632ea653f78b59ba35b96f9e8c4c60de9fa0ae64f1cc5b8ac7df2bbc5ee793
- SSDEEP: 98304:dqjNw+IVoIjhBx2oyyl210HL3MMOT0Rsoo82Pb0VKq0:ETIVoIjhBg10HTMD5MVK3
Malware Config
Extracted
- Family: lumma
- C2: 82.118.23.50
Signatures
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting (2 TTPs)
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
- memory/2280-134-0x000000002BDF0000-0x000000002BE57000-memory.dmp (file size: 412KB)
- memory/2280-135-0x000000002BDF0000-0x000000002BE57000-memory.dmp (file size: 412KB)
- memory/2280-136-0x000000002BDF0000-0x000000002BE57000-memory.dmp (file size: 412KB)
- memory/2280-137-0x0000000000400000-0x0000000000A67000-memory.dmp (file size: 6.4MB)
- memory/2280-138-0x000000002BE60000-0x000000002C293000-memory.dmp (file size: 4.2MB)
- memory/2280-139-0x000000002BDF0000-0x000000002BE57000-memory.dmp (file size: 412KB)