General

  • Target

    Loader.rar

  • Size

    69.1MB

  • Sample

    230424-j3ly8aaf76

  • MD5

    fc567a42c4ff437d80ee3b75d7278055

  • SHA1

    a6e5f5205f5019e15721c8953838eacea5e71a2e

  • SHA256

    a6cc3076fbf2a79f06231dfd22a9f34a24d40eb9f991fb9d62caede2951377e8

  • SHA512

    4db98e39a5561c3b8e6eb226dfddcef577ee72e25803ca510956a4d1437aab455f2c1060866a53476796855906c3c34edbe871fecc70eb1f23b8a8e3ab6ecb43

  • SSDEEP

    1572864:NjddrbWj31/P+pTkqE8ElJ1CIapOTe9mLScERod4jc:1fWZ2dK8ELpEGiiSZRTc

Score
10/10

Malware Config

Targets

    • Target

      loader.exe

    • Size

      69.1MB

    • MD5

      f3f89eae7a713cd46d2886d7cbdeb9c1

    • SHA1

      6b45ca66d42cb54b51f4c0168002aaa409a5a384

    • SHA256

      5b4573a2831672e1e44e911b843fb00b56c88b03c16ed5778e5d3ca87e105553

    • SHA512

      df4eecfbc9f1c31a0516ddcdc005612e46e871e13412ed2f8028f97bda3d79a7d97c74ba0ef74849f084e826bd3021871fbf812bf23bb76c164f1b8f170e3852

    • SSDEEP

      1572864:qjddrbWj31/P+pTkqE8ElJ1CIapOTe9mLScERod4j:2fWZ2dK8ELpEGiiSZRT

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks