Analysis
- max time kernel: 141s
- max time network: 116s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 21-03-2023 14:39

Static task: static1
Behavioral task: behavioral1
Sample: 199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.exe
Resource: win7-20230220-en
General
- Target: 199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82.exe
- Size: 3.3MB
- MD5: 50938be136527970c4fa9df18842ad76
- SHA1: 63ec9a2c612b57e082d27421b88d30e673e873f2
- SHA256: 199de8b727ceae96afb7c7560092c1d7a4dbe5a005c07ae20cffd9871da52b82
- SHA512: c2655b9e643a7d854984527d8b4260632bea369b5baf68e6718c5d638751abe249f4cc620b2ae03c6ed53705ac764f74aa36d3b950aa04e45184409b92bd275d
- SSDEEP: 98304:dcR7APDOTa07J1qEGj05rAfBuHLbhTXmdYx/t3WP:waDSjkCrAfBuHLbpmdY9t3
Malware Config
- Extracted family: lumma
- C2: 45.9.74.78
Signatures
- Reads user/profile data of web browsers (2 TTPs): Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting (2 TTPs)
- Checks installed software on the system (1 TTPs): Looks up Uninstall key entries in the registry to enumerate software on the system.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
- memory/3376-133-0x0000000000400000-0x00000000009B4000-memory.dmp (Filesize: 5.7MB)
- memory/3376-134-0x0000000000400000-0x00000000009B4000-memory.dmp (Filesize: 5.7MB)
- memory/3376-136-0x0000000000400000-0x00000000009B4000-memory.dmp (Filesize: 5.7MB)
- memory/3376-141-0x0000000000400000-0x00000000009B4000-memory.dmp (Filesize: 5.7MB)