General

  • Target

    WeMod-Setup.exe

  • Size

    141KB

  • Sample

    230425-xcg48scc86

  • MD5

    149c47441d8589ba66f52f6a1665b21b

  • SHA1

    64eccef1d3da82d3faa275c8cc5c3e9345ccd1d4

  • SHA256

    7fc7530912b21b24dd5cebf567e0ef08931c820fd41dac3b3b484ff360e17682

  • SHA512

    bc2ca6160e0ef471b592cbaf9239d45fffdcfb563fc9bfa3a5aedf0344d9bac7faebbdcddf97fbc8d4d997218506de08eae61baf7637d1f843d823575de2256c

  • SSDEEP

    3072:Bojm4ILlCI+4COHCyhaEtHZkOpk97oc4ILlCI+4TOHHSafx:Bd+bwaEtHLhiHt

Score
10/10

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
