General

  • Target

    5e2976ce88fa57fc644c9a4c8927ee04.bin

  • Size

    3.6MB

  • Sample

    240113-dapxhsafem

  • MD5

    2217fd301a54110e7b909433e9c5bc22

  • SHA1

    326604e4d2765b01035893dea8b1d1e3ef5167b6

  • SHA256

    3aa1e747cd99415f169519884ecd1246d7c665fe9c0449b2436a42c616f82447

  • SHA512

    a580a778a97627979a6c28b269b652f4de6ec06730b6bb59f73ad6e5802a2a89d2183f5ebaed1ea00ef3907d4f97cdcd03d7ba6f579d1e46fb3856725d664c8e

  • SSDEEP

    49152:jfqgX60ERlVLP3pVjxNBwYJ+3iq7FQ7e/eu4klC3zBy+iKNeCegOdmwqp4k/0OS6:jSjtLP3vrCH7N/t4klCjVhATgOWhsqZ

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://goddirtybrilliancece.fun/api

Targets

    • Target

      ed347277bed3d64edf62b11c0c3b15e559a36807c13f6d0036afeb8554b1f506.exe

    • Size

      5.4MB

    • MD5

      5e2976ce88fa57fc644c9a4c8927ee04

    • SHA1

      e08925b21d0b4d4489594987caed43fb49bbd6f0

    • SHA256

      ed347277bed3d64edf62b11c0c3b15e559a36807c13f6d0036afeb8554b1f506

    • SHA512

      c2253dcf7e5810646bab961b7dc053cb7345c910ed1db35cd444804fe57b71b09273169c20b1f611dae877ea115b4906467b84fce79a5aeb21444c28fc576f24

    • SSDEEP

      98304:Z+O+9HfVZ26AmlfdGK5JGm+Ujnp76sUOQXG67mxn1Aupsff:Z8/HAmlfd5v+Ujp76FVXJOOupo

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
