General

  • Target

    nitro-gen-premium.exe

  • Size

    64.0MB

  • Sample

    230425-q94wyace31

  • MD5

    9d59ee5e66c932c9cefc2c52da68a965

  • SHA1

    3c82e2605622b979abbeccf8fa4877214be581e6

  • SHA256

    26dd81b216ac3a57db217e29e3e12f24ca3a1644e9bc3cf8e18359eadaf65960

  • SHA512

    a19fe272f1267839f2dc7f12ccb7669c597c93fa94e903bcee324d071c6a1a1ec68f4e4a75c44eae65c391fd8ca3fdb324297d8dbe33a997b5826a299037bb62

  • SSDEEP

    1572864:ojddrbW+wEJ38yVSmq1acW5XHU7IYbIBDDtzFOQqlXr7zjaD:QfWwl8VZghHU8rKjaD

Score
10/10

Malware Config

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

MITRE ATT&CK Enterprise v6

Tasks