General

  • Target

    DeadTriggerPC.exe

  • Size

    62.8MB

  • Sample

    230425-ygnm9acf34

  • MD5

    35f433373214bcdd0fe2e28f1d444927

  • SHA1

    6cd9eeb24d721516e65b380548af3d7d63901959

  • SHA256

    69b640e0b41b8fb62f77d947139f87e96c10b27e0cb12aa1301889aee4080866

  • SHA512

    2670138575518972ba69aaead2259b7d2420df785460e706e4adccc80db8c0508a98e3cf6071845ba965e490fd415d33cb6bb3399047a362a633e416e4d83565

  • SSDEEP

    1572864:HyXoONw5lLs9KGDPcBHnI5kZWGN0Oz9CH3EqdmgZQ/q7:SXk5hjGDcBHekQGeORCH3CaR7

Score
10/10

Malware Config

Targets

    • Target

      DeadTriggerPC.exe

    • Size

      62.8MB

    • MD5

      35f433373214bcdd0fe2e28f1d444927

    • SHA1

      6cd9eeb24d721516e65b380548af3d7d63901959

    • SHA256

      69b640e0b41b8fb62f77d947139f87e96c10b27e0cb12aa1301889aee4080866

    • SHA512

      2670138575518972ba69aaead2259b7d2420df785460e706e4adccc80db8c0508a98e3cf6071845ba965e490fd415d33cb6bb3399047a362a633e416e4d83565

    • SSDEEP

      1572864:HyXoONw5lLs9KGDPcBHnI5kZWGN0Oz9CH3EqdmgZQ/q7:SXk5hjGDcBHekQGeORCH3CaR7

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks