General
-
Target
socoolMP3setup
-
Size
264.9MB
-
Sample
230315-bv8t1scg2y
-
MD5
a6b0351c4dd92c63c0159529b2d5a3cc
-
SHA1
c48e9e4296d51e751ae53d79e2feef50c12e38ac
-
SHA256
7d5a68b20ffc7ac02da46e733a3cdff9ae581a56789c6fb300e165e3ce215d42
-
SHA512
b363933d72bee95bfadbcb6249071d4da9a7c19d2c4851e8889b0da2cba317cce6a2485645da7dd1387114ffd6b64c85a2697f32add5a5f43cab7c3434200984
-
SSDEEP
6291456:mKEci4ILYe9E4hsy5C5A0RkBkPdfRH9Xu3IUa4j6Kmvcv:D84ILYq+hA0RkBkPVRH9Aa4j6KmvI
Malware Config
Targets
-
-
Target
socoolMP3setup
-
Size
264.9MB
-
MD5
a6b0351c4dd92c63c0159529b2d5a3cc
-
SHA1
c48e9e4296d51e751ae53d79e2feef50c12e38ac
-
SHA256
7d5a68b20ffc7ac02da46e733a3cdff9ae581a56789c6fb300e165e3ce215d42
-
SHA512
b363933d72bee95bfadbcb6249071d4da9a7c19d2c4851e8889b0da2cba317cce6a2485645da7dd1387114ffd6b64c85a2697f32add5a5f43cab7c3434200984
-
SSDEEP
6291456:mKEci4ILYe9E4hsy5C5A0RkBkPdfRH9Xu3IUa4j6Kmvcv:D84ILYq+hA0RkBkPVRH9Aa4j6KmvI
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-