Overview

overview

10

Static

static

1

socoolMP3setup.exe

windows7-x64

7

socoolMP3setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    socoolMP3setup

  • Size

    264.9MB

  • Sample

    230315-bv8t1scg2y

  • MD5

    a6b0351c4dd92c63c0159529b2d5a3cc

  • SHA1

    c48e9e4296d51e751ae53d79e2feef50c12e38ac

  • SHA256

    7d5a68b20ffc7ac02da46e733a3cdff9ae581a56789c6fb300e165e3ce215d42

  • SHA512

    b363933d72bee95bfadbcb6249071d4da9a7c19d2c4851e8889b0da2cba317cce6a2485645da7dd1387114ffd6b64c85a2697f32add5a5f43cab7c3434200984

  • SSDEEP

    6291456:mKEci4ILYe9E4hsy5C5A0RkBkPdfRH9Xu3IUa4j6Kmvcv:D84ILYq+hA0RkBkPVRH9Aa4j6KmvI

Score
10/10
lummapersistencepyinstallerstealerupx

Malware Config

Targets

    • Target

      socoolMP3setup

    • Size

      264.9MB

    • MD5

      a6b0351c4dd92c63c0159529b2d5a3cc

    • SHA1

      c48e9e4296d51e751ae53d79e2feef50c12e38ac

    • SHA256

      7d5a68b20ffc7ac02da46e733a3cdff9ae581a56789c6fb300e165e3ce215d42

    • SHA512

      b363933d72bee95bfadbcb6249071d4da9a7c19d2c4851e8889b0da2cba317cce6a2485645da7dd1387114ffd6b64c85a2697f32add5a5f43cab7c3434200984

    • SSDEEP

      6291456:mKEci4ILYe9E4hsy5C5A0RkBkPdfRH9Xu3IUa4j6Kmvcv:D84ILYq+hA0RkBkPVRH9Aa4j6KmvI

    Score
    10/10
    persistencepyinstallerupxlummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks