General

  • Target

    GOG_Galaxy_2.0.exe

  • Size

    960KB

  • Sample

    230430-zt81dsba98

  • MD5

    2900d9fb03f39b76fbe897f9780add5c

  • SHA1

    3a1390d2e5398d6db00aaa08b969c2e1bd7f3fb8

  • SHA256

    3a19fd486163e03d64d375cc71897e833b9f86a2f3935c8578c277eb6227a49a

  • SHA512

    ee1bb00488ec4de1d2ecb03f5c933ffae79f03a018c20517cee380320607243e72d0197fcdf6cbcd945897bcae5165e94505674838b5ba0f7e143b83f9144746

  • SSDEEP

    12288:T27p5j8DPeuUSFHqLV+JjY4UW61O4RAxDleFbWQCQTFgSYyAzB+Q/uLnK3:T27EDFHqLy826My+QiyGJyAV+muLK3

Malware Config

Targets

    • Target

      GOG_Galaxy_2.0.exe

    • Size

      960KB

    • MD5

      2900d9fb03f39b76fbe897f9780add5c

    • SHA1

      3a1390d2e5398d6db00aaa08b969c2e1bd7f3fb8

    • SHA256

      3a19fd486163e03d64d375cc71897e833b9f86a2f3935c8578c277eb6227a49a

    • SHA512

      ee1bb00488ec4de1d2ecb03f5c933ffae79f03a018c20517cee380320607243e72d0197fcdf6cbcd945897bcae5165e94505674838b5ba0f7e143b83f9144746

    • SSDEEP

      12288:T27p5j8DPeuUSFHqLV+JjY4UW61O4RAxDleFbWQCQTFgSYyAzB+Q/uLnK3:T27EDFHqLy826My+QiyGJyAV+muLK3

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Target

      out.upx

    • Size

      1.7MB

    • MD5

      a72a4548ed9d6de9b92f0088718f55c7

    • SHA1

      98af738af9daeed7829c782236f30f934d224495

    • SHA256

      7ab823e5f328e282e320e0eed90f692d19193959cab5774de9b4555ea7433ca8

    • SHA512

      c858e4eab20bfc07e33baedf1d1020de317ba3e9f0d29d64b391186a275453538170a4c32a83b4c5b8af9cd574eef783dddd49312b8839f2429d63bab8bcb132

    • SSDEEP

      24576:Ev2Bu7i8GdTDb1ncP2Irqc2xXIE2IKcoQhIj9GJyAV+muLK3NydyTAV+mY1o1VcQ:EvM8GdTDb1ncP2ImpXIEMcEj9IqH0N

    Score
    1/10

MITRE ATT&CK Enterprise v6

Tasks