General

  • Target

    C4A17DBA.exe

  • Size

    755KB

  • Sample

    230716-x93r7shd4w

  • MD5

    b0517305850d5be8e02a648bb90a3c6d

  • SHA1

    24e75c0ea6b07fd3c4e03c6661ed911632f3e784

  • SHA256

    5c180cd34694c91bc7f4ecaf67d4f462f10254d190d181e02a2a2a7e03d44204

  • SHA512

    17207aec32a872ad024fb2c67e272830454ca69b095c8b43a1db46c842c6e8530b10a3cc9f1c4d596757949d8a2c448bae44d058f614f037cbf93cb036ca26af

  • SSDEEP

    12288:IsjWYqfNTYmessZerchdW7lRA3aDloJZsjudEDT26qh+kB:IsjWYGYnZQchI83mlamGv6a

Score
10/10

Malware Config

Extracted

Family

lumma

C2

gstatic-node.io

Targets

    • Target

      C4A17DBA.exe

    • Size

      755KB

    • MD5

      b0517305850d5be8e02a648bb90a3c6d

    • SHA1

      24e75c0ea6b07fd3c4e03c6661ed911632f3e784

    • SHA256

      5c180cd34694c91bc7f4ecaf67d4f462f10254d190d181e02a2a2a7e03d44204

    • SHA512

      17207aec32a872ad024fb2c67e272830454ca69b095c8b43a1db46c842c6e8530b10a3cc9f1c4d596757949d8a2c448bae44d058f614f037cbf93cb036ca26af

    • SSDEEP

      12288:IsjWYqfNTYmessZerchdW7lRA3aDloJZsjudEDT26qh+kB:IsjWYGYnZQchI83mlamGv6a

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks