General

  • Target

    Cosmic_Game.rar

  • Size

    64.0MB

  • Sample

    230502-b6fydahd24

  • MD5

    2eca628be2988873d55995199fa87f0b

  • SHA1

    bfcb143c4979344a763c498e53926e638d66bf7e

  • SHA256

    52054c17d1652e522dde444eb236d5527be4119626fb7c81742fc6148bcd193a

  • SHA512

    a978d375ee125f8c83932a4cb86ca3a74d9e59ef1fdb7c762b44c4d654635308ff75da2b513da456d1cd41398c006b9579c9f98d3db2b0296ac0552b34843ef1

  • SSDEEP

    1572864:jjddrbWqUockqE0Xq459Bch4REtZg+plpG0ZfWzP+F+o248mm:XfWnK0a47AZg+QdP0+mm

Score
10/10

Targets

    • Target

      Cosmic_Setup.exe

    • Size

      64.0MB

    • MD5

      434e5651cfd80e82b59eb852bb58d0b9

    • SHA1

      18f8b778c6c751281cc40c0e225087b02dbd5af2

    • SHA256

      407e2f14f72be1ffe39b9f2878d6bed9775d9a0d8adf0b1e4cb8eb8cc92af737

    • SHA512

      cd4cf12d94ee656151672c2aada7332540bc02297921941c791ff4d75653d23b7d13bfaa6716108ff0f9120362b7574be78375260e31e62b635fc6d7b5e60543

    • SSDEEP

      1572864:5jddrbWqUockqE0Xq459Bch4REtZg+plpG0ZfWzP+F+o248mf:ZfWnK0a47AZg+QdP0+mf

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
