General

  • Target

    LeagueVMT.rar

  • Size

    64.0MB

  • Sample

    230428-yjnq2aga97

  • MD5

    c1dcc5bf9501cf72e8527992e9c15966

  • SHA1

    4cffa5e7dc2023d8db609d8adb6ae1dd97d9afd3

  • SHA256

    ced5e3c371515b959ba25f630483d6ca1488c21e4b8b68f44b2f02b66bdcbef7

  • SHA512

    d1b38c5b46903e13c234e2e38708e7cc8c9da4790222f47dd3f1b643829844ea6c9616c0cd9910291776a2ed410e33b3f5a4ddfffe73013dce7fa370a2c22625

  • SSDEEP

    1572864:YjddrbWEArzpHkEDfvNi5tW2DPyeJkxfWrbGWgt/LD3b638PB:AfWBBfDNi5ZzJGfW3Gt/LzbDPB

Score
10/10

Targets

    • Target

      LeagueVMT.rar

    • Size

      64.0MB

    • MD5

      c1dcc5bf9501cf72e8527992e9c15966

    • SHA1

      4cffa5e7dc2023d8db609d8adb6ae1dd97d9afd3

    • SHA256

      ced5e3c371515b959ba25f630483d6ca1488c21e4b8b68f44b2f02b66bdcbef7

    • SHA512

      d1b38c5b46903e13c234e2e38708e7cc8c9da4790222f47dd3f1b643829844ea6c9616c0cd9910291776a2ed410e33b3f5a4ddfffe73013dce7fa370a2c22625

    • SSDEEP

      1572864:YjddrbWEArzpHkEDfvNi5tW2DPyeJkxfWrbGWgt/LD3b638PB:AfWBBfDNi5ZzJGfW3Gt/LzbDPB

    Score
    3/10
    • Target

      LeagueVMT.exe

    • Size

      64.0MB

    • MD5

      808ff97bca1a24f1683a1c3a5ce06d5b

    • SHA1

      8b4f28adde47570b963d3b9977667e982487399f

    • SHA256

      07761526e1c4351141e43eb61f011d133bd82098fc5748e42c84c777ba5b968b

    • SHA512

      c61902eace174aed550dcd9e98871e890e52e55f75af1c8e94eaa005e4ee2bf2d0c323069c8955f72252ba65db98dcde8f1c1d2b275faee3860b99a0bfd09a23

    • SSDEEP

      1572864:1jddrbWEArzpHkEDfvNi5tW2DPyeJkxfWrbGWgt/LD3b638Pf:tfWBBfDNi5ZzJGfW3Gt/LzbDPf

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Target

      config/DialogConfig.vdf

    • Size

      8KB

    • MD5

      a17e663c0092876ff8262e2e24204048

    • SHA1

      a975f4cf2110d504a03bc56625db5a38b661a71a

    • SHA256

      10fd86a8b19f41eda4297074ccc5122f866f4ed7a3584682ec2fb793d793cb86

    • SHA512

      dcdc9786bad2b9eb0daa1ac9da4345c9974a929563ea8613589de2e4f0db28aaa25b6cb691f9853c7345f062162fbab3b898a3869d350b9abb15bd90853aadf0

    • SSDEEP

      192:Z5r4LO7xCMN5r4L5WaRzvOfRzvTRzI8ED0O8A60O8A2mDZAr0O8AH0O8Ah0O8AM0:BaRzvoRzvTRzI8ED0O8A60O8A2mDZArF

    Score
    3/10
    • Target

      config/DialogConfigOverlay_1024x768.vdf

    • Size

      7KB

    • MD5

      c7b1182ef788a5dc2a2f3e8190faaed7

    • SHA1

      873ca91d93a56394e49824e2efb02f1c14079f27

    • SHA256

      e439ff637dd6fc3e29c3964388f7160698fa3e8e157532cd6ab1902aaa25703b

    • SHA512

      f936cd0813965ed86144f1b12b16e7e3a731408114fc91ecaf1ed99ac190201632a0634d0906b73a5a593ea32e25933c039c1458b4212e156731010e921c6678

    • SSDEEP

      192:Z5r4LO7xCMN5r4LEVzhCUOFFpzvlFpzv7YKkvMFpzvmFpzvkFpzvLxsOPK3l+oyx:ZVzhCUOFFpzvlFpzv7YKkvMFpzvmFpzw

    Score
    3/10
    • Target

      config/DialogConfigOverlay_1600x1024.vdf

    • Size

      4KB

    • MD5

      0946bd58e01582eeaf318e4374026b04

    • SHA1

      2e4ec88e1c79b3bd2cbf7a64926b25111c5b02d0

    • SHA256

      4ade4b4fe0615fc24e039595b15dda6f86827fc96deb43d1e2d3cc5195a7f19b

    • SHA512

      c4f04a59d1d30ea65c2aac17b82bca1ee70770e41d69814abb13bfbfd390970114906428bbb775f8f5deb149ad5432c543989f4d874741b7deb4e433e7f0729c

    • SSDEEP

      96:Z5r4LO7xYfMN5r4LcVzhCUOFjppzvljppzv7j0KkvMjppzvmjppzvkjppzvGmAd:Z5r4LO7xCMN5r4LcVzhCUOFFpzvlFpzG

    Score
    3/10
    • Target

      config/DialogConfigOverlay_1920x1080.vdf

    • Size

      4KB

    • MD5

      b10a011f4719c63e072f7cf404b3e7ec

    • SHA1

      b55a32c5295a1c371951864190c125214dbe389f

    • SHA256

      2242e9868fbd1c485aa36a4784f6185952028799e25143e7fbb90d5ca721344d

    • SHA512

      47135ee6124255a27e557a90595bf25e62b0da3a95707fe6f26577996cee54c2fe5911799e1166c44b2208a44b41ab202721f95b00b2dcc14919080577aac4fb

    • SSDEEP

      96:Z5r4LO7xYfMN5r4LDVzhCUOFjppzvljppzv7j0KkvMjppzvmjppzvkjppzvpb:Z5r4LO7xCMN5r4LDVzhCUOFFpzvlFpzh

    Score
    3/10
    • Target

      config/DialogConfigOverlay_852x480.vdf

    • Size

      6KB

    • MD5

      b4ed461e9333e30acad3903b5c1707ff

    • SHA1

      59140c8bc02d1bbf29c704ded60af46c554153aa

    • SHA256

      43ca6ac60ac41ef32d8028bbff21f444bde147b1e0008d767ca6f90d8016bb50

    • SHA512

      35b56e8949b7dbd35cb6dc9589a3d6d01ffe76c96c09d18bcdf6caeef46e0908eeb2539437eede00ab65403728945fb0646cc10d30b708c871d2ad2d124d364c

    • SSDEEP

      192:nsOPK3l+oyoHJqS5r4LO7xCMN5r4LiiFpzvlFpzv7YKkvMFpzvmFpzvkFpzvZ:ntK3l+oyoM4iFpzvlFpzv7YKkvMFpzvj

    Score
    3/10
    • Target

      config/config.vdf

    • Size

      17KB

    • MD5

      5e08803889b90a77abadaf21cd797aad

    • SHA1

      a6c8cba83128dafbe33dabdbd36f7fb9796c4816

    • SHA256

      a8f2fe1ad7da85724f77be2ed59d9d28243deaad82c3286c693db6d44cc7f858

    • SHA512

      795f44d83a3b6c443f78a450dfee1a826faf10b6ae9570157071dfaa5ed6790819b93099de512b0a9dab3c8b18f235c7c07e84ba02e2d285d2ec690ef204eed8

    • SSDEEP

      192:k9ZvNoIm1K6DZS3SdLghJbVmVGhLoxcCy1vz9zxsT1Rz9zJ7u1xz9zelJ14Ez9zL:g56DZSi5OAG6y1sT1Zu1EJ1Z

    Score
    3/10
    • Target

      config/coplay_76561199383451504.vdf

    • Size

      676B

    • MD5

      94b3458bff3ed8ef91e9d92e4be068b4

    • SHA1

      a1b4bf456dc90401eeb72e01485e95b5136dc5b5

    • SHA256

      600eb9d0a6cd20b39c1b32e9160b03a109f0841066d8798cc194bd2d219b39d0

    • SHA512

      5953b40cb763efe13b0a5f4e9212e3af3b5b51cef31f37194d9b3eef9652d86c427cadb130c570e1c19bf937efbb37d6120583828b15e43fd269957825a8cd6e

    Score
    3/10
    • Target

      config/libraryfolders.vdf

    • Size

      515B

    • MD5

      59e69b6fff22b94357fa47cfab7fc69b

    • SHA1

      6dd8e127ffd290f943c3ea5efdaf34a5dc495940

    • SHA256

      65ba0efa99553f5fba533a99009c3841e35146632f1f527f24f0c25cc55e9d99

    • SHA512

      92266c29548399480b49194f6df77783abab3720c63b464d17f9593fa1d1c290c4b42de0cd4d67c37cdf1b28b538f3c45d94171898a18aa334370e339f1b255b

    Score
    3/10
    • Target

      config/loginusers.vdf

    • Size

      255B

    • MD5

      0907081d09c41d710a50acb578b68e87

    • SHA1

      76837f15fc6c6d7c8b3a615f6a473125963155a9

    • SHA256

      6efbe9395ad60c730ea1cc45aa96bd1dd2f73049806e0d11e4787a0c5ff8c88b

    • SHA512

      bfa65dac1e80f3e3245f5e3ca6d9ddfce2e3fd22996f68129966a6e7ef26b216ed4f1d26a77f5b7b2761786189febc12fce78993f3ec142c4e1f9a61217bab45

    Score
    3/10
    • Target

      libraryfolders.vdf

    • Size

      515B

    • MD5

      59e69b6fff22b94357fa47cfab7fc69b

    • SHA1

      6dd8e127ffd290f943c3ea5efdaf34a5dc495940

    • SHA256

      65ba0efa99553f5fba533a99009c3841e35146632f1f527f24f0c25cc55e9d99

    • SHA512

      92266c29548399480b49194f6df77783abab3720c63b464d17f9593fa1d1c290c4b42de0cd4d67c37cdf1b28b538f3c45d94171898a18aa334370e339f1b255b

    Score
    3/10
    • Target

      loginusers.vdf

    • Size

      255B

    • MD5

      0907081d09c41d710a50acb578b68e87

    • SHA1

      76837f15fc6c6d7c8b3a615f6a473125963155a9

    • SHA256

      6efbe9395ad60c730ea1cc45aa96bd1dd2f73049806e0d11e4787a0c5ff8c88b

    • SHA512

      bfa65dac1e80f3e3245f5e3ca6d9ddfce2e3fd22996f68129966a6e7ef26b216ed4f1d26a77f5b7b2761786189febc12fce78993f3ec142c4e1f9a61217bab45

    Score
    3/10
