lumma | c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276
Size

5.1MB
Sample

231211-fvvdvadhhl
MD5

7f4f98a26d4835578f46224112cc6a15
SHA1

c5cbaf07ef86ee77e7a079ece95e749e7b93a0f0
SHA256

c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276
SHA512

c2fe13271b35c799ea871b54f0d73a61a2ceed5b4f8fa7464bc758908f35185bfe1c43d38c54941c9fef18284334d61ddab506121d7d993ec87752a77eea8c5b
SSDEEP

49152:P+YP67CyHtopnQluz8CTtagvrvdNVELjMmPQt+yJQ1EErwVeCbrrqe8t6WmfFXAA:02YtaHDvdXEvPgwtTCo6R9wJLYtk+L/j

Score

10^/10

lumma zgrat rat stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276.exe

Resource

win7-20231130-en

lumma zgrat rat stealer

windows7-x64

8 signatures

300 seconds

Behavioral task

behavioral2

Sample

c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276.exe

Resource

win10-20231129-en

lumma zgrat rat stealer

windows10-1703-x64

8 signatures

300 seconds

Malware Config

Targets

- Target
  
  c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276
- Size
  
  5.1MB
- MD5
  
  7f4f98a26d4835578f46224112cc6a15
- SHA1
  
  c5cbaf07ef86ee77e7a079ece95e749e7b93a0f0
- SHA256
  
  c20f57c4db1ec145b3f2131677c80e8ceb88b11b81dbb1e7bf84983daf514276
- SHA512
  
  c2fe13271b35c799ea871b54f0d73a61a2ceed5b4f8fa7464bc758908f35185bfe1c43d38c54941c9fef18284334d61ddab506121d7d993ec87752a77eea8c5b
- SSDEEP
  
  49152:P+YP67CyHtopnQluz8CTtagvrvdNVELjMmPQt+yJQ1EErwVeCbrrqe8t6WmfFXAA:02YtaHDvdXEvPgwtTCo6R9wJLYtk+L/j
Score

10^/10

lumma zgrat rat stealer
- Detect Lumma Stealer payload V4
- Detect ZGRat V1
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lummazgratratstealer

behavioral2

lummazgratratstealer

© 2018-2025

Terms | Privacy