Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

Lazzarus_Setup.exe

windows10-1703-x64

10

Lazzarus_Setup.exe

windows7-x64

10

Lazzarus_Setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Lazzarus_Setup.exe

  • Size

    53.2MB

  • Sample

    230418-bdp1ksaf4w

  • MD5

    2ad6b36a0c48ca740b6d5c8f3c988ece

  • SHA1

    86d8ba6c8f6b4f226ab57376d4d2f944cba0c075

  • SHA256

    2bb8fe909426c314cb93c573b4e4230fa8c6649f2862d2cacca751e7998302d0

  • SHA512

    b30e6d6b8aa341d02ee9240e6b9030b4a0fb0609b67e7ea5ac8a27c1814c4790e66694887795a40378ef0687e4d78046e3cb113767b1afba33d8adeb028e06ca

  • SSDEEP

    1572864:CZikz7kZQ0IWFSZhqGJlwRoEpG1wEArR7MCh7:k/kZQfDqGJlwRoh1oFICh7

Score
10/10
lummaredlineinfostealerspywarestealer

Malware Config

Targets

    • Target

      Lazzarus_Setup.exe

    • Size

      53.2MB

    • MD5

      2ad6b36a0c48ca740b6d5c8f3c988ece

    • SHA1

      86d8ba6c8f6b4f226ab57376d4d2f944cba0c075

    • SHA256

      2bb8fe909426c314cb93c573b4e4230fa8c6649f2862d2cacca751e7998302d0

    • SHA512

      b30e6d6b8aa341d02ee9240e6b9030b4a0fb0609b67e7ea5ac8a27c1814c4790e66694887795a40378ef0687e4d78046e3cb113767b1afba33d8adeb028e06ca

    • SSDEEP

      1572864:CZikz7kZQ0IWFSZhqGJlwRoEpG1wEArR7MCh7:k/kZQfDqGJlwRoh1oFICh7

    Score
    10/10
    lummaredlineinfostealerspywarestealer

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

      stealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v6

Tasks