General

  • Target

    5fca1af193dc79d0a7313d09a89e0fe1

  • Size

    1.2MB

  • Sample

    240116-nl78caafbr

  • MD5

    5fca1af193dc79d0a7313d09a89e0fe1

  • SHA1

    60b9f3774b5465b584faebe9768ba45320d8c04a

  • SHA256

    e8761d6aaa8fe1cdafdb6ae803302ed3adda9644b44dfc7d3a38e436c036cfec

  • SHA512

    416e5b8f062b2e1d873b6b7c48da96efc5d741f43542dcbe095ed20ccc8b257a95308ca287aad69f844bbe7cdf27111e4e23790d89eea668bf4d3b0bbe98583d

  • SSDEEP

    24576:BQHk18m7hgeUR3Gw4K2unwWJ7DFzkKGTP0oOYvw:BQCBhUwRVWHzkTLGY

Malware Config

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Modifies security service

    • Executes dropped EXE

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks