General

  • Target

    Gamesetup_x64.rar

  • Size

    56.5MB

  • Sample

    230402-c2z15aeb96

  • MD5

    77c18aed888520664fe906cae2aa7859

  • SHA1

    89655fa405efb7e3d4046d7c5aca517548af6ddd

  • SHA256

    dbe5c0a473d5468520e3cf127c4e88a6e5ff26c205461f28a0a023de297b8381

  • SHA512

    7c174fabfedaa0718d442f69ce99fc89a3c620ec931e040428b15d7e41ab11e774e363a9a3531fdb709cce2d88a762df608a12fdeb74f70408a41722e2285ee2

  • SSDEEP

    786432:v7v+nGMHGwpylmUNsg4wevhJaoHPOCT1Bq+b/h4H3lo+Ueldq1t+2zlTNJWjvZDt:gG8pe24Y1dS+tel+AalTM53i4WpXlJnE

Score
10/10

Malware Config

Targets

    • Target

      Gamesetup_x64.rar

    • Size

      56.5MB

    • MD5

      77c18aed888520664fe906cae2aa7859

    • SHA1

      89655fa405efb7e3d4046d7c5aca517548af6ddd

    • SHA256

      dbe5c0a473d5468520e3cf127c4e88a6e5ff26c205461f28a0a023de297b8381

    • SHA512

      7c174fabfedaa0718d442f69ce99fc89a3c620ec931e040428b15d7e41ab11e774e363a9a3531fdb709cce2d88a762df608a12fdeb74f70408a41722e2285ee2

    • SSDEEP

      786432:v7v+nGMHGwpylmUNsg4wevhJaoHPOCT1Bq+b/h4H3lo+Ueldq1t+2zlTNJWjvZDt:gG8pe24Y1dS+tel+AalTM53i4WpXlJnE

    Score
    3/10
    • Target

      Gamesetup.exe

    • Size

      56.5MB

    • MD5

      7acd873289059fddf8240c6dfb92435d

    • SHA1

      43ae41e5570de8da588274121903979d2669e37f

    • SHA256

      9f45b9079fe3ae2401d5e19079d8c794cd5b6ce219523361d43dc44decbcf5f9

    • SHA512

      15f17b1ea9aba1b9c1c6bef2edae9f131c7cc04301a84a864d050a481a4c214bebae649633c97b76347c498a89ce41382d1f40946f4dad8506a04027a16a270d

    • SSDEEP

      786432:Y7v+nGMHGwpylmUNsg4wevhJaoHPOCT1Bq+b/h4H3lo+Ueldq1t+2zlTNJWjvZDC:NG8pe24Y1dS+tel+AalTM53i4WpXlJn7

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix (ATT&CK v6)

Credential Access

    • Credentials in Files (T1081): 1

Discovery

    • System Information Discovery (T1082): 3

    • Query Registry (T1012): 1

    • Process Discovery (T1057): 1

Collection

    • Data from Local System (T1005): 1

Tasks