General

  • Target

    LeagueVMT.rar

  • Size

    64.0MB

  • Sample

    230428-yfd3eshh71

  • MD5

    c1dcc5bf9501cf72e8527992e9c15966

  • SHA1

    4cffa5e7dc2023d8db609d8adb6ae1dd97d9afd3

  • SHA256

    ced5e3c371515b959ba25f630483d6ca1488c21e4b8b68f44b2f02b66bdcbef7

  • SHA512

    d1b38c5b46903e13c234e2e38708e7cc8c9da4790222f47dd3f1b643829844ea6c9616c0cd9910291776a2ed410e33b3f5a4ddfffe73013dce7fa370a2c22625

  • SSDEEP

    1572864:YjddrbWEArzpHkEDfvNi5tW2DPyeJkxfWrbGWgt/LD3b638PB:AfWBBfDNi5ZzJGfW3Gt/LzbDPB

Score
10/10

Targets

    • Target

      LeagueVMT.exe

    • Size

      64.0MB

    • MD5

      808ff97bca1a24f1683a1c3a5ce06d5b

    • SHA1

      8b4f28adde47570b963d3b9977667e982487399f

    • SHA256

      07761526e1c4351141e43eb61f011d133bd82098fc5748e42c84c777ba5b968b

    • SHA512

      c61902eace174aed550dcd9e98871e890e52e55f75af1c8e94eaa005e4ee2bf2d0c323069c8955f72252ba65db98dcde8f1c1d2b275faee3860b99a0bfd09a23

    • SSDEEP

      1572864:1jddrbWEArzpHkEDfvNi5tW2DPyeJkxfWrbGWgt/LD3b638Pf:tfWBBfDNi5ZzJGfW3Gt/LzbDPf

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
