General

  • Target: b2fee94f0a0e587185328fc35fda0371d329d2810a169fa6f5e4fa6e1a082814
  • Size: 8.3MB
  • Sample: 240115-l6t54segh9
  • MD5: a6662a53b9c5c830e1cc3851ade1fb95
  • SHA1: 7309071a95712dd9fe2eb36be0379cc0402043c5
  • SHA256: b2fee94f0a0e587185328fc35fda0371d329d2810a169fa6f5e4fa6e1a082814
  • SHA512: c731b40d61f218ae2b6332de071dfc8216809bb8460dd30a0365b0ad7640c3b6edeb92f2b567edac80c20dcd1f372603ceb300120154a67bc13fc65b4436b091
  • SSDEEP: 196608:ZmT9PrVoj206MVY3dgdicD4HfiKjKM5zOAnMn20nBZ:ZeGj16AY3d0icDkfiPAnMn20v
  • Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://goddirtybrilliancece.fun/api

Targets

    • Target: Setup.exe
    • Size: 2.4MB
    • MD5: 9fb4770ced09aae3b437c1c6eb6d7334
    • SHA1: fe54b31b0db8665aa5b22bed147e8295afc88a03
    • SHA256: a05b592a971fe5011554013bcfe9a4aaf9cfc633bdd1fe3a8197f213d557b8d3
    • SHA512: 140fee6daf23fe8b7e441b3b4de83554af804f00ecedc421907a385ac79a63164bd9f28b4be061c2ea2262755d85e14d3a8e7dc910547837b664d78d93667256
    • SSDEEP: 49152:Y8UMSn5cV2N9LNwtQ5gRR+moI1axGbYj6QAl4ImDkg7d5lROCDG5yzlC97W+uJUM:QMS5hN9OtQ5gRjoI8xGbYj6QAl4gg7dF
    • Score: 10/10
    • Lumma Stealer: An infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

    • Target: UIxMarketPlugin.dll
    • Size: 3.2MB
    • MD5: 904bd445b777ecee5b0691e8aaed84e1
    • SHA1: be361a8504542d0ea88ad1d85f78adea27e42dc0
    • SHA256: 8a5f58466ec349f8c7277ad80ab1f58514f653646cf9a4117879b056dc3bcb58
    • SHA512: 701fcd4a2f56f9f166c73b5430dd57af86ef29c20a271033acee25ff1e75cfe20be2f2620c9b10ebe014eb46f1585c9f36c0fbf649c7a493c08b685325ba9248
    • SSDEEP: 98304:8ZH7FZk7LP2nyh9VgFdJYZL6N8gPVIA8wuSgKTXTT3vlpS+EyYLgTjzKlgknJ1gl:ZLud1S4JhXTT3vlpjQAu9L7sx
    • Score: 3/10

    • Target: bin/UbuilderB.dll
    • Size: 3.6MB
    • MD5: f474baf2f922f8485752170cc261a72b
    • SHA1: 7e447654e04a91a578a22da5f95d0827e543740e
    • SHA256: 2f9a39635d6a379577b073945477609c3ab3656c4adc54a0d7cce23c4432c04f
    • SHA512: 5bf9f3ddf527ebe14c610be6e6d525917f8fd7cbc697d1d308044a06ee7587977737c88d8ffc83508d1e8714efb761c05d38ef16037bd63862c419174c3cdd33
    • SSDEEP: 98304:D3yMS4vp4iKTBrHJWGs2NyqeoNE/7SRYY6:Dp4iKTVHJack+s
    • Score: 7/10

    • Target: bin/scv.jar
    • Size: 644B
    • MD5: 8d94fb4ef8d7abcb571f4a0c40bc8600
    • SHA1: c2f61db774895c92c7e5e3e2e00c146ccb412314
    • SHA256: 4c49a4774b4185035a923fa4585e5a9b469a4a1ceb115da738c62d3d0ebf299e
    • SHA512: 66d3cbf6fb1f5d84e5f25fb56e6310cbfeca0b4ceaf839b10ffa7cf116c5431495dc2d7c3ff67e466b4730059711acfe40fafd49f163fa7578f70d478d572c03
    • Score: 1/10

    • Target: relay.dll
    • Size: 1.5MB
    • MD5: 7d2f87123e63950159fb2c724e55bdab
    • SHA1: 360f304a6311080e1fead8591cb4659a8d135f2d
    • SHA256: b3483bb771948ed8d3f76faaa3606c8ef72e3d2d355eaa652877e21e0651aa9a
    • SHA512: 6cb8d27ebcfdf9e472c0a6fff86e6f4ec604b8f0f21c197ba6d5b76b703296c10c8d7c4fb6b082c7e77f5c35d364bcffd76ae54137e2c8944c1ea7bb9e2e5f08
    • SSDEEP: 49152:l2gm39uH+I5/GxEoadcqX7Q9F7r40YB+eTcq+PDXx1lWz0Tq:xmtuH+e/RoadcqX7Qz7rDY8vq+Pbx1lc
    • Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks