Analysis

  • max time kernel
    93s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64
    arch:x86
    image:win10v2004-20240221-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    22-02-2024 04:54

General

  • Target

    479342d62078aaf31881972c7574f6f2.exe

  • Size

    5.6MB

  • MD5

    479342d62078aaf31881972c7574f6f2

  • SHA1

    382fa9a95746ca6199e7dfb9ae2bd035f4000fb4

  • SHA256

    a6b59e0a275b5314935a3f812a5ba7dd5d5cc9524d3a6efdeb3a103eea386f6d

  • SHA512

    0e74e3e0b993968220e712ffd94a76c00d35f0452494d62b3f6780c80cc0cae2e9982978830c54bed3a57d17a5a84abbdc4c0cbb5961afcae785048ac4ac47da

  • SSDEEP

    98304:VtiVJmQPallXIjrii0nu3m2RwJhsyJExbHMLex0ATwhdgY4m9g7iVyfiC1ql0u7C:+nmEalSMnuJwJhsyCxbtOATwXvwFiCau

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://resergvearyinitiani.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api
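
The five C2 URLs above are the actionable part of this report. The script below is an added example, not part of the sandbox output: it turns the extracted URLs into a host set, matches constructed DNS/proxy log lines against it (exact host or subdomain, case-insensitive), and emits one Suricata `dns.query` rule per host. The log lines, the assumed log shapes, and the `sid` range are all illustrative assumptions; only the URLs come from the report.

```python
"""Match log lines against the Lumma C2 URLs extracted from the sample.

Added example (not part of the sandbox report). The log lines below are
constructed for illustration; only the five C2 URLs come from the report.
"""
from urllib.parse import urlsplit

# C2 URLs exactly as extracted from the sample's configuration (from the report).
LUMMA_C2 = [
    "https://resergvearyinitiani.shop/api",
    "https://technologyenterdo.shop/api",
    "https://detectordiscusser.shop/api",
    "https://turkeyunlikelyofw.shop/api",
    "https://associationokeo.shop/api",
]

# Constructed sample log lines (assumed formats: a DNS query log and a proxy access log).
SAMPLE_LOGS = [
    "2024-02-22T04:55:01Z dns client=10.0.0.5 query: technologyenterdo.shop type=A",
    "2024-02-22T04:55:02Z proxy client=10.0.0.5 GET https://www.example.com/index.html 200",
    "2024-02-22T04:55:03Z proxy client=10.0.0.7 POST https://ASSOCIATIONOKEO.shop/api 404",
    "2024-02-22T04:55:04Z dns client=10.0.0.9 query: cdn.detectordiscusser.shop. type=A",
]


def c2_hosts(urls):
    """Return the lower-cased hostnames of the C2 URLs."""
    return {urlsplit(u).hostname.lower() for u in urls}


def host_matches(host, c2):
    """True if host equals a C2 hostname or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in c2)


def scan_logs(lines, c2):
    """Return (line_no, host) for each line that references a C2 host.

    A token containing '://' is treated as a URL and its hostname extracted;
    a bare dotted token without '/' is treated as a hostname (e.g. a DNS query name).
    """
    hits = []
    for n, line in enumerate(lines, 1):
        for tok in line.split():
            host = None
            if "://" in tok:
                host = urlsplit(tok).hostname
            elif "." in tok and "/" not in tok:
                host = tok
            if host and host_matches(host, c2):
                hits.append((n, host.lower().rstrip(".")))
                break
    return hits


def suricata_dns_rules(c2, sid_base=9000001):
    """Emit one Suricata DNS-query rule per C2 host (sid_base is an assumed local SID range)."""
    rules = []
    for i, host in enumerate(sorted(c2)):
        rules.append(
            'alert dns $HOME_NET any -> any any (msg:"Lumma Stealer C2 DNS query %s"; '
            'dns.query; content:"%s"; nocase; classtype:trojan-activity; sid:%d; rev:1;)'
            % (host, host, sid_base + i)
        )
    return rules


if __name__ == "__main__":
    hosts = c2_hosts(LUMMA_C2)
    for line_no, host in scan_logs(SAMPLE_LOGS, hosts):
        print(f"line {line_no}: C2 host {host}")
    print("\n".join(suricata_dns_rules(hosts)))
```

The subdomain match matters because stealer operators commonly front the same registered domain with different labels; matching only the exact `/api` URL would miss a DNS lookup for the bare host.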

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\479342d62078aaf31881972c7574f6f2.exe
    "C:\Users\Admin\AppData\Local\Temp\479342d62078aaf31881972c7574f6f2.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3480

Network

MITRE ATT&CK Matrix


Downloads

  • Memory dumps for PID 3480, sorted by capture index. File names follow the pattern memory/3480-<index>-<start>-<end>-memory.dmp.

    index  start               end                 size
    0      0x0000000000F60000  0x0000000001A37000  10.8MB
    5      0x0000000001BA0000  0x0000000001BA1000  4KB
    6      0x0000000001BB0000  0x0000000001BB1000  4KB
    7      0x0000000000F60000  0x0000000001A37000  10.8MB
    8      0x0000000001BC0000  0x0000000001BC1000  4KB
    9      0x0000000001BD0000  0x0000000001BD1000  4KB
    10     0x0000000001BF0000  0x0000000001BF1000  4KB
    11     0x0000000001F00000  0x0000000001F01000  4KB
    12     0x0000000001F10000  0x0000000001F11000  4KB
    13     0x0000000001F20000  0x0000000001F21000  4KB
    14     0x0000000001F30000  0x0000000001F31000  4KB
    15     0x0000000001F40000  0x0000000001F41000  4KB
    16     0x0000000001F50000  0x0000000001F51000  4KB
    17     0x0000000001F60000  0x0000000001F61000  4KB
    18     0x0000000001F70000  0x0000000001F71000  4KB
    19     0x0000000001F80000  0x0000000001F81000  4KB
    20     0x0000000001F90000  0x0000000001F91000  4KB
    21     0x0000000001FA0000  0x0000000001FA1000  4KB
    22     0x0000000001FB0000  0x0000000001FB1000  4KB
    23     0x0000000001FC0000  0x0000000001FC1000  4KB
    24     0x0000000003A70000  0x0000000003A71000  4KB
    25     0x0000000000F60000  0x0000000001A37000  10.8MB
    26     0x0000000003A80000  0x0000000003A81000  4KB
    27     0x0000000003A80000  0x0000000003A81000  4KB
    28     0x0000000003A80000  0x0000000003AB2000  200KB
    29     0x0000000003A80000  0x0000000003AB2000  200KB
    30     0x0000000003A80000  0x0000000003AB2000  200KB
    31     0x0000000000F60000  0x0000000001A37000  10.8MB
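
The dump names carry enough structure to triage without downloading anything: PID, capture index, and the address range. The script below is an added example (not tooling from the sandbox) that parses the names as listed in this report, recomputes each region's size, groups repeated captures of the same range, and reports gaps in the index sequence. The file-name pattern is inferred from the names shown above, and the 5.6MB on-disk figure is taken from the General section; the arithmetic is the script's own. One thing it makes visible: the 0x0000000000F60000-0x0000000001A37000 region is 0xAD7000 bytes, roughly twice the file's size on disk, and it was captured four times, so it is worth checking that image's section headers for a large uninitialised section before treating the 5.6MB file as the full payload.

```python
"""Parse the memory dump names from a sandbox report and summarise them.

Added example, not part of the sandbox report. The pattern
'memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp' is inferred from the
names listed in the report; the names below are copied from it.
"""
import re
from collections import Counter

DUMP_RE = re.compile(
    r"memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Dump names as listed in the report (copied, not constructed).
DUMP_LISTING = """
memory/3480-0-0x0000000000F60000-0x0000000001A37000-memory.dmp
memory/3480-5-0x0000000001BA0000-0x0000000001BA1000-memory.dmp
memory/3480-7-0x0000000000F60000-0x0000000001A37000-memory.dmp
memory/3480-8-0x0000000001BC0000-0x0000000001BC1000-memory.dmp
memory/3480-6-0x0000000001BB0000-0x0000000001BB1000-memory.dmp
memory/3480-11-0x0000000001F00000-0x0000000001F01000-memory.dmp
memory/3480-10-0x0000000001BF0000-0x0000000001BF1000-memory.dmp
memory/3480-9-0x0000000001BD0000-0x0000000001BD1000-memory.dmp
memory/3480-12-0x0000000001F10000-0x0000000001F11000-memory.dmp
memory/3480-16-0x0000000001F50000-0x0000000001F51000-memory.dmp
memory/3480-17-0x0000000001F60000-0x0000000001F61000-memory.dmp
memory/3480-15-0x0000000001F40000-0x0000000001F41000-memory.dmp
memory/3480-19-0x0000000001F80000-0x0000000001F81000-memory.dmp
memory/3480-21-0x0000000001FA0000-0x0000000001FA1000-memory.dmp
memory/3480-20-0x0000000001F90000-0x0000000001F91000-memory.dmp
memory/3480-22-0x0000000001FB0000-0x0000000001FB1000-memory.dmp
memory/3480-23-0x0000000001FC0000-0x0000000001FC1000-memory.dmp
memory/3480-24-0x0000000003A70000-0x0000000003A71000-memory.dmp
memory/3480-25-0x0000000000F60000-0x0000000001A37000-memory.dmp
memory/3480-18-0x0000000001F70000-0x0000000001F71000-memory.dmp
memory/3480-14-0x0000000001F30000-0x0000000001F31000-memory.dmp
memory/3480-13-0x0000000001F20000-0x0000000001F21000-memory.dmp
memory/3480-27-0x0000000003A80000-0x0000000003A81000-memory.dmp
memory/3480-28-0x0000000003A80000-0x0000000003AB2000-memory.dmp
memory/3480-26-0x0000000003A80000-0x0000000003A81000-memory.dmp
memory/3480-29-0x0000000003A80000-0x0000000003AB2000-memory.dmp
memory/3480-30-0x0000000003A80000-0x0000000003AB2000-memory.dmp
memory/3480-31-0x0000000000F60000-0x0000000001A37000-memory.dmp
"""

ON_DISK_MB = 5.6  # file size from the General section of the report


def parse_dump(name):
    """Split one dump name into pid, index, start, end and computed size (bytes)."""
    m = DUMP_RE.search(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    return {"pid": int(m["pid"]), "idx": int(m["idx"]), "start": start, "end": end, "size": end - start}


def human(n):
    """Format a byte count the way the report does (4KB, 200KB, 10.8MB)."""
    for unit in ("B", "KB", "MB", "GB"):
        if n < 1024 or unit == "GB":
            return f"{round(n, 1):g}{unit}"
        n /= 1024


def summarise(dumps):
    """Group dumps by address range; rows sorted by size (desc) then start address."""
    by_region = Counter((d["start"], d["end"]) for d in dumps)
    rows = [{"start": s, "end": e, "size": e - s, "times": t} for (s, e), t in by_region.items()]
    rows.sort(key=lambda r: (-r["size"], r["start"]))
    return rows


def missing_indices(dumps):
    """Capture indices absent from the listing (dumps the report does not expose)."""
    idx = sorted(d["idx"] for d in dumps)
    present = set(idx)
    return [i for i in range(idx[0], idx[-1] + 1) if i not in present]


def expansion_ratio(size_bytes, disk_mb=ON_DISK_MB):
    """In-memory image size divided by the on-disk size (both approximate)."""
    return size_bytes / (disk_mb * 1024 * 1024)


DUMPS = [parse_dump(line.strip()) for line in DUMP_LISTING.splitlines() if line.strip()]

if __name__ == "__main__":
    for r in summarise(DUMPS):
        print(f"0x{r['start']:016X}-0x{r['end']:016X}  {human(r['size']):>7}  captured {r['times']}x")
    print("missing indices:", missing_indices(DUMPS))
    largest = summarise(DUMPS)[0]
    print(f"largest region is {expansion_ratio(largest['size']):.2f}x the on-disk size")
```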