General

  • Target

    6438959caa5155c0c969dcace66eebfa

  • Size

    270KB

  • Sample

    240118-cqn5gsbeb3

  • MD5

    6438959caa5155c0c969dcace66eebfa

  • SHA1

    5bb5ea852560baef05801ffea9eb14ffa97ab559

  • SHA256

    e206cf69d2f02a6c3b16d9587915531ffbb859f63a17e673bbb4cb2b2040cf95

  • SHA512

    30358af1273ca776b9c5ab6b95dea45ad42ba2a58327a3b8ab8d368d49c3cecb89f68d1b9fafd7bba84936d9354c5b4b31a16ae737528ed1ad2c7cfa245c2c8e

  • SSDEEP

    6144:AxmxWxju2skaeOkb8H/fRzJaoVYD+n6stm0hri/k:5Y3b78fRJeD+nNtmues

Score
10/10

Malware Config

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Modifies security service

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks