General

  • Target

    Setup.rar

  • Size

    8.0MB

  • Sample

    230424-ywa1psga6x

  • MD5

    10f8807ef0466f06f8626320370c9300

  • SHA1

    644a31527370048e701823cdfd429491d703e071

  • SHA256

    949ce125a01e43a16fa3a4cdec6ed856dbea9f4e7a9b398511ab5bb9b917aa0c

  • SHA512

    cd08a5f872b2e01909afe2e63027df3529d147d8cb007121567554ba83fd71b0d09a74a687b54480628a82eb30ccc2a2c1d4c2ef2401b0ed0160e35f91feb7bd

  • SSDEEP

    196608:kgCt9Zo71z7uEokzyJNzCyDBYU0GHE8p2m1r0TpC4QvrNiRA:7CjS7EEokzICGqmk8k2YlciRA

Score
10/10

Malware Config

Targets

    • Target

      Setup/Setup.exe

    • Size

      995.1MB

    • MD5

      9f3c222f96cca9c2feb98eb5a4b4a712

    • SHA1

      fe28ac4140274ad49adf83a3fa2cb51f4a9f679f

    • SHA256

      017f3df858edf64d85d00f07a4b72c9979f15e01dfb00e1b90035d03d64fe58b

    • SHA512

      2a4dc7c1bdebb7647ebe269ad5c994c95556d8873ad7c1e0ec5f3b31cb4563c2306fef99a72d5fa96002c7fd79c444c0d2e8574f61f484ee5158f999aad4b13c

    • SSDEEP

      384:KOMqjv10ETgLTTUzVi4JtLgwrPjSOnjl7F+Y:90ETgwzVi43gwrO4x7U

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Downloads MZ/PE file

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks