General
Target: Setup.zip
Size: 6.6MB
Sample: 230430-tcesbsca3w
MD5: ef6263b792549b5b3abfe33a8ebe9771
SHA1: 2d3e1a53d78490ca12db27cb90817d7ebcfd04ce
SHA256: da0eb63691ac93a850ddbc26e9ca7ce0af481d14ca0e1c5668ebc5f299f8e6e3
SHA512: ff771bb9f460945000ccd2d61e6a9053b66a700801473ecafc0fc1729240ccfbe6564b1d1f6d874abd13f99c021a53f7fe31e656f878c6ee389a1c8d0da00ecd
SSDEEP: 196608:sASyANbxw4Kb1wUhVJ3DJRS+iGvgauwkiuSDi1mjmZ0A:szyANNwbRwUhVJzJJiZ11m80A
Static task: static1
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20230220-en
Malware Config
Extracted: lumma
77.73.134.68
Targets
Target: Setup.exe
Size: 309.0MB
MD5: 254d7550e25a597539d67ffd01e3f1bd
SHA1: 1ea7d651df85cd0e04d8ce3153e01a5cff49af79
SHA256: e57cfd368ad71d81543c22d1e12ef620eca6677254556cc00375fda768f2487f
SHA512: e77b1631ed6308fcf829f8e1cc89c3f3c0033fe7bca2b7b50068f6817c620d81635483fc99e753df5d63f48a389470ca43a747a5a2eb78ca90a0c04f38dffa5d
SSDEEP: 98304:yfvj0c99XePv0bCo88ePugdxMuhL400IkaDBZw1NVGQ6K4ll4b0E/fBY:yfL00Z9bi8edvMuhLVJ9BZeIKql4n
- Detect Lumma Stealer payload V2
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext