Analysis
-
max time kernel
109s -
max time network
168s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
21-03-2023 14:39
General
-
Target
installerx64.exe
-
Size
815.4MB
-
MD5
32cc3781027a0a65267251ad4b745436
-
SHA1
7e761422d9a80f0b5cb5a67c27963be594f1b4ad
-
SHA256
f59a9dee9c77d8e449f811342d07ce98ab3664aeeab60ae50019c9945784d2a9
-
SHA512
7925e37bd340f94962b7c7c00863760d7086bc0857643e9a2d9fa57476f925273aefdf06602c0e52fed6f78b3cea0913c2611dd58570af349b4fb8d4dc261258
-
SSDEEP
98304:VlhDJ2TOJ8hWGmCHujQ+EhNe/2mRlJ+NneC:DxCQGObEhA/27NnB
Score
10/10
Malware Config
Signatures
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\installerx64.exe"C:\Users\Admin\AppData\Local\Temp\installerx64.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3696-133-0x0000000000480000-0x000000000092A000-memory.dmpFilesize
4.7MB
-
memory/3696-134-0x000000001C250000-0x000000001C260000-memory.dmpFilesize
64KB
-
memory/3696-135-0x0000000000DA0000-0x0000000000DA1000-memory.dmpFilesize
4KB
-
memory/3696-136-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-137-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-139-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-141-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-143-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-145-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-147-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-149-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-151-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-153-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-155-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-157-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-159-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-161-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-163-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-165-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-167-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-169-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-171-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-173-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-175-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-177-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-179-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-183-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-181-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-185-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-187-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-189-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-191-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-193-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-195-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-197-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-199-0x000000001C160000-0x000000001C223000-memory.dmpFilesize
780KB
-
memory/3696-227-0x000000001C250000-0x000000001C260000-memory.dmpFilesize
64KB