General

  • Target

    369854d5da07c79c05131a1a076e697869da35449aed93e6b1d00003f6977242

  • Size

    5.5MB

  • Sample

    240221-vcgglabd7z

  • MD5

    672c3b5877a4bb2d7e53f9a03cc74c22

  • SHA1

    893f08319ce2ec82c4c4b3323d2d3b2335de3724

  • SHA256

    369854d5da07c79c05131a1a076e697869da35449aed93e6b1d00003f6977242

  • SHA512

    9449cfc84211ea26309e9174c079bb78a39603281860d02ee71e641563a8da4b9fc991374b3ea3d5176b0319d83e634eae16f16ee77d92167011c32a47ee58e3

  • SSDEEP

    98304:Bmr4NkRBUdVsN3cUgG/P0K3C/BITYgTV3VOP9qqO7O6waH:xmRBko3Yh/BIA9OOpaH
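
The hashes above are what an analyst checks before detonating a copy of the sample elsewhere. The following Python is an added example and is not part of the Triage report: it verifies a locally obtained file against the four listed digests and sanity-checks the SSDEEP block size against the reported size. The 5.5MB figure is taken as binary megabytes, which is an assumption; scoring two fuzzy hashes against each other needs the ssdeep library and is deliberately left out.

```python
# Added example, not part of the Triage report: check a locally obtained copy of
# the sample against the hashes listed above, and sanity-check the reported
# SSDEEP block size against the reported file size. Standard library only;
# scoring two fuzzy hashes against each other needs the ssdeep library and is
# deliberately left out.
import hashlib
import io
from typing import BinaryIO, Dict, Tuple

# Values copied from the report.
REPORT_HASHES: Dict[str, str] = {
    "md5": "672c3b5877a4bb2d7e53f9a03cc74c22",
    "sha1": "893f08319ce2ec82c4c4b3323d2d3b2335de3724",
    "sha256": "369854d5da07c79c05131a1a076e697869da35449aed93e6b1d00003f6977242",
    "sha512": "9449cfc84211ea26309e9174c079bb78a39603281860d02ee71e641563a8da4b"
              "9fc991374b3ea3d5176b0319d83e634eae16f16ee77d92167011c32a47ee58e3",
}
REPORT_SSDEEP = "98304:Bmr4NkRBUdVsN3cUgG/P0K3C/BITYgTV3VOP9qqO7O6waH:xmRBko3Yh/BIA9OOpaH"
# The report only says "5.5MB"; treating that as binary megabytes is an assumption.
REPORT_SIZE_BYTES = int(5.5 * 1024 * 1024)


def hash_stream(fh: BinaryIO) -> Dict[str, str]:
    """Read the stream once and feed every chunk to all four digests,
    so multi-megabyte samples never have to be held in memory."""
    digests = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in iter(lambda: fh.read(1 << 20), b""):
        for d in digests.values():
            d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    return hash_stream(io.BytesIO(data))


def hash_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as fh:
        return hash_stream(fh)


def verify_hashes(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match table; hex digests are compared case-insensitively.
    A file matching SHA-256 but not MD5 points at a transcription error in the
    expected table, not at a different file."""
    return {name: actual.get(name, "").lower() == value.lower() for name, value in expected.items()}


def parse_ssdeep(signature: str) -> Tuple[int, str, str]:
    """Split 'blocksize:chunk:double_chunk' into its three parts."""
    block, chunk, double_chunk = signature.split(":", 2)
    return int(block), chunk, double_chunk


def ssdeep_initial_blocksize(size: int) -> int:
    """Block size ssdeep starts from: the smallest 3*2^n with blocksize*64 >= file size.
    ssdeep can halve it again if the resulting hash comes out too short, so this is
    a consistency check against the reported size, not an exact prediction."""
    bs = 3
    while bs * 64 < size:
        bs *= 2
    return bs


def ssdeep_blocksizes_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep only scores two signatures above 0 when their block sizes are equal
    or differ by exactly a factor of two; anything else is not worth comparing."""
    a, b = parse_ssdeep(sig_a)[0], parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    import sys
    digests = hash_file(sys.argv[1])
    for name, ok in verify_hashes(digests, REPORT_HASHES).items():
        print(f"{name}: {'match' if ok else 'MISMATCH'}")
    block = parse_ssdeep(REPORT_SSDEEP)[0]
    print(f"ssdeep block size {block}, expected from size {ssdeep_initial_blocksize(REPORT_SIZE_BYTES)}")
```

Run as `python check_sample.py <path>`. The block size 98304 in the listed SSDEEP is exactly what the algorithm picks for a file between 3 and 6 MiB, so the fuzzy hash and the 5.5MB figure agree with each other; a signature with block size 24576 or smaller could not be meaningfully compared to this one at all.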

Score
10/10

Malware Config

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), an anti-debugging technique that stops the calling thread from delivering debug events to an attached debugger.
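
The four behavioural signatures above are each derived from the API calls the sandbox recorded. The following Python is an added example and is neither part of the report nor Triage's own detection logic: it re-implements the four signatures in simplified form and runs them over a constructed API-call trace. The Call record layout, the sample trace and the list of APIs checked are assumptions made for illustration.

```python
# Added example, not part of the Triage report and not Triage's own detection
# logic: simplified re-implementations of four behavioural signatures listed
# above, run over a constructed API-call trace. The Call record layout and the
# sample trace are assumptions made for illustration.
import re
from dataclasses import dataclass
from typing import Dict, List, Set

# THREADINFOCLASS value of ThreadHideFromDebugger in the Windows headers.
THREAD_HIDE_FROM_DEBUGGER = 0x11
WRITE_ACCESS = {"FILE_WRITE_DATA", "FILE_APPEND_DATA", "GENERIC_WRITE"}
DRIVE_ROOT = re.compile(r"^([a-z]):\\?$")


@dataclass
class Call:
    pid: int
    api: str
    args: Dict[str, object]


def norm_path(value: object) -> str:
    """Strip the NT object-manager prefix and lower-case so user-mode and
    native paths of the same file compare equal."""
    path = str(value)
    if path.startswith("\\??\\"):
        path = path[4:]
    return path.lower()


def run_signatures(trace: List[Call]) -> Dict[str, List[str]]:
    """Return {signature name: [evidence, ...]} for every signature that fired."""
    hits: Dict[str, List[str]] = {}
    dropped: Set[str] = set()  # executables and DLLs written during the run

    def hit(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for call in trace:
        if call.api == "NtSetInformationThread":
            if call.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER:
                hit("Suspicious use of NtSetInformationThreadHideFromDebugger", f"pid {call.pid}")
        elif call.api in ("NtCreateFile", "NtOpenFile", "NtQueryAttributesFile"):
            path = norm_path(call.args.get("Path", ""))
            root = DRIVE_ROOT.match(path)
            if root and root.group(1) != "c":
                # Root of a drive other than C: being probed.
                hit("Enumerates connected drives", path)
            elif call.args.get("DesiredAccess") in WRITE_ACCESS and path.endswith((".exe", ".dll")):
                dropped.add(path)
        elif call.api in ("NtCreateUserProcess", "CreateProcessW"):
            image = norm_path(call.args.get("ImagePath", ""))
            if image in dropped:
                hit("Executes dropped EXE", image)
        elif call.api in ("LdrLoadDll", "LoadLibraryW", "LoadLibraryExW"):
            library = norm_path(call.args.get("Path", ""))
            if library in dropped:
                hit("Loads dropped DLL", library)
    return hits


# Constructed trace: the process hides its thread from debuggers, writes an EXE
# and a DLL to %TEMP%, probes drive roots, runs the EXE, and the child loads the DLL.
TEMP = "\\??\\C:\\Users\\user\\AppData\\Local\\Temp\\"
SAMPLE_TRACE: List[Call] = [
    Call(1000, "NtSetInformationThread", {"ThreadInformationClass": 0x11}),
    Call(1000, "NtCreateFile", {"Path": TEMP + "upd.exe", "DesiredAccess": "FILE_WRITE_DATA"}),
    Call(1000, "NtCreateFile", {"Path": TEMP + "helper.dll", "DesiredAccess": "FILE_WRITE_DATA"}),
    Call(1000, "NtQueryAttributesFile", {"Path": "\\??\\C:\\"}),
    Call(1000, "NtQueryAttributesFile", {"Path": "\\??\\D:\\"}),
    Call(1000, "NtQueryAttributesFile", {"Path": "\\??\\E:\\"}),
    Call(1000, "NtCreateUserProcess", {"ImagePath": TEMP + "upd.exe"}),
    Call(1001, "LdrLoadDll", {"Path": "C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll"}),
]

if __name__ == "__main__":
    for name, evidence in run_signatures(SAMPLE_TRACE).items():
        print(f"{name}: {', '.join(evidence)}")
```

The dropped-file set is kept across processes on purpose: the file is written by the first process and loaded by its child, which is the usual shape of a dropper, and a per-process set would miss the "Loads dropped DLL" case. The C: root is excluded because every process touches it; only probes of other drive roots count as enumeration.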

MITRE ATT&CK Enterprise v15

Tasks