General

  • Target

    Vipеr.exe

  • Size

    719KB

  • Sample

    240113-ytwvdsddfp

  • MD5

    d6e09655c6cdbde43e369139f83daf95

  • SHA1

    b39118535fe9381a3b3fa1684d9d4b3f73ec8c2e

  • SHA256

    7cc14de7aa14d26301af13444969313799766c00d4431128402dd60a12c54f4c

  • SHA512

    167e8ca7d4324ed633d862ba5b979eb5417167c41a6cbc06ccac6cea454e14dd409888d350f625c35d0fb24b1e4771a13791850855a2e9e2ad17090128f64bbc

  • SSDEEP

    12288:dsNyZhVdnoB8ZfjOi9gkeroQXzVW9pCOT6jwaN:GNeLk8fQoQDVOQD1

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://goddirtybrilliancece.fun/api

Targets

    • Target

      Vipеr.exe

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks