Overview

overview

10

Static

static

1

damned_setup.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    damned_setup.zip

  • Size

    63.9MB

  • Sample

    230424-tdxpjaef5z

  • MD5

    5c988680d61a7bd789485be42c290d10

  • SHA1

    0bafff6d46537028a89ab2525cda49e4ddcfc9c7

  • SHA256

    0dd6e1cd6d4723b5d3b862dffd97579060fb2068126850b712a5779d946d4af8

  • SHA512

    5b23e32c00349ba5e1aac8f90dddb4cd8812aa64d37e214423fb0e1bd6ea0b44c81a416311cae58273be0621af0f03d0758d61d2b526870d9bf6b7beaba0dba0

  • SSDEEP

    1572864:2rXLnru4fWQUS2+zYGSlNS9TBCXV0mNw2YIXFi:CPu4eQUIZSb4lClZNw2Ni

Score
10/10
lummaspywarestealer

Malware Config

Targets

    • Target

      damned_setup.exe

    • Size

      64.0MB

    • MD5

      a07785cc1cb2d94a0edbf6a383fd23eb

    • SHA1

      4b61f371b6d4299f5e8bb32489c6b354981c7edb

    • SHA256

      81312aca1a087e57dcd4bfa9daf4ef4f4b9e2d33d0ad402018941be744acff92

    • SHA512

      376ea4f0c9b6778bb42d866914bd34fa432ac635dcdd8aab8f7aeabc32901cce6c014cb658818699094fe9c07706acb21a4e04f7fc8486a4b474e7683d77a26e

    • SSDEEP

      1572864:TjddrbWayuRkeK3SGUrpWxFvcz7I+12qM93Ncf:HfWPuRWfUl+dcPt12qqcf

    Score
    10/10
    lummaspywarestealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks