Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240221-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-02-2024 04:55

General

  • Target

    479342d62078aaf31881972c7574f6f2.exe

  • Size

    5.6MB

  • MD5

    479342d62078aaf31881972c7574f6f2

  • SHA1

    382fa9a95746ca6199e7dfb9ae2bd035f4000fb4

  • SHA256

    a6b59e0a275b5314935a3f812a5ba7dd5d5cc9524d3a6efdeb3a103eea386f6d

  • SHA512

    0e74e3e0b993968220e712ffd94a76c00d35f0452494d62b3f6780c80cc0cae2e9982978830c54bed3a57d17a5a84abbdc4c0cbb5961afcae785048ac4ac47da

  • SSDEEP

    98304:VtiVJmQPallXIjrii0nu3m2RwJhsyJExbHMLex0ATwhdgY4m9g7iVyfiC1ql0u7C:+nmEalSMnuJwJhsyCxbtOATwXvwFiCau

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://resergvearyinitiani.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\479342d62078aaf31881972c7574f6f2.exe
    "C:\Users\Admin\AppData\Local\Temp\479342d62078aaf31881972c7574f6f2.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:5100

Downloads
