Resubmissions

29/04/2023, 16:39

230429-t563aadd3x 10

29/04/2023, 16:33

230429-t2xpfadd2v 10

General

  • Target

    ValorantLoading0.exe

  • Size

    53.2MB

  • Sample

    230429-t2xpfadd2v

  • MD5

    528c7fa8598ab0f0cf3ace973391a991

  • SHA1

    1bb881224b1b5400204b1493d1920ad7750064fe

  • SHA256

    2db50e843ecb7e518b6dbf29192158e0b2c3bfacdbe2257be98ad45319bba568

  • SHA512

    5996f3f55f5d77fa877f7377a978c4b132e72311861fabf04dc086f3d8fd6bcc4c5412128ce8cdbd6db349c4587e45c86ed40284aba8e0bbb5fc0ce4da5d3cf1

  • SSDEEP

    1572864:AexVAYy9tDh0FZk7yacONW5h5eekQC32L7:3xY7Dh0F+OacAOh9CGL7

Score
10/10

Targets

    • Target

      ValorantLoading0.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
