General

  • Target: mal.rar
  • Size: 17.5MB
  • Sample: 240116-vymwhagdd4
  • MD5: f81c43c8b883263e293a843329306883
  • SHA1: b6c030c68fe6c548580c9c72d573edcd3b535b0d
  • SHA256: c00f94a20b0514e991ccd0ba8b90383283a427b02a07d4e33e9a08cf727738de
  • SHA512: 33dae33ad099439eb4d2f1ee12c89ea255c36b5b2b49663c5df47ebddd8d7e5662f592a98587b113e8662f60398a0e63051d7df8af149aad1e003678003ae263
  • SSDEEP: 393216:9S+05IZkG7DqpADqpnD1rdnlB0HoG520ab4qzymmvWc1hdL1ZVFRphi07Kfv:sxuf/qOqpDJdnStBaEqukc1DlSJv

Score
10/10

Malware Config

Extracted

Family

lumma

C2

http://zamesblack.fun/api

Targets

    • Target: Setup.exe
    • Size: 77KB
    • MD5: 659dbfb6cad2836899bcb2c17cc5411a
    • SHA1: f2e070ae58d9938abc88003a7e60dc5a4b33da56
    • SHA256: 132e2aaf6ba22738d79a027f967b865154f427eb5aa9c623dd4a2e9c0656e279
    • SHA512: 1625917a16e434451d468c851e8310e0c683edc08f434369e047a47868b14d80930181ab4cd101e287174b8442449336f27369403a929b7c33fbee3cae7b5ed6
    • SSDEEP: 1536:eKMOGAm0rMcSyYxIghmuvUXkO5zYekT5Z/Xy4k2aT:eKMtAm0rMJyYIghzvUXkO5zYFXy4kZT

    Score
    10/10

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks