General

  • Target: 6a8a4bbb19d86c40938a18771c9ff4c1.bin
  • Size: 2.9MB
  • Sample: 240116-c7p34scfb2
  • MD5: 917c7e317f07621b6a4b1b6b12d346ef
  • SHA1: ed3316e1e993f420276d81a495f0495d2e6b7d9c
  • SHA256: cdbdb53a281c06067a9ec1c6ef94bd5134af26df0c633f2d966e586d7ba78584
  • SHA512: 6eb08c109b8979ed7192e7e045ad6999628e228683b99b5b9f6415d26fe5ea8ded6da44f03cf0b7231b87046fa7b850b54fd651cd6a0803a44bf11725093804a
  • SSDEEP: 49152:kcwL9Y9DGYjD4swxWACgoMw802iCIfuCqZFRmTNsC8WI9PRiIunyxOYu+Ud8W3hz:YKDnj9+TjoRLJfvqZFRs6Wc+YuTd8W3B

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://goddirtybrilliancece.fun/api

Targets

    • Target: bf7942c4a7de7c08083c2bb5961fe1b3fd7f5ab22f8bec2b0494d294aa4db32c.exe
    • Size: 3.9MB
    • MD5: 6a8a4bbb19d86c40938a18771c9ff4c1
    • SHA1: 9416b64c873fafd2835cabeae9a322ee6671de10
    • SHA256: bf7942c4a7de7c08083c2bb5961fe1b3fd7f5ab22f8bec2b0494d294aa4db32c
    • SHA512: 0523dfb127be53033b593ae1a410d6f08d4f8fee30b07f930244619a2cf21b5e0cf50c5ba5ea6060918bba3fd9029e0940b29ba90fab5886d91f5ef915450a28
    • SSDEEP: 49152:v3Pgz0GsP/7CYR3UTBb0xLCrSnBS4Guvx99yeUgncOVS/Ay06hPXql022:fPu0FP2jBbsnM4rvlyeUgcISB00S

    Score: 10/10

    • Lumma Stealer: An infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks