General

  • Target

    https://cdn.discordapp.com/attachments/1202281599367135252/1209981878594052186/Palworld_Trainer.zip?ex=65e8e670&is=65d67170&hm=83ceae88496b8954b2e546bc4402dab3209981fc6fd82c7ec485205aab1a1953&

  • Sample

    240222-n6bpwagg5t

Score
10/10

Malware Config

Extracted

Family

lumma

C2

  • https://legatorypluralishrtw.shop/api
  • https://technologyenterdo.shop/api
  • https://detectordiscusser.shop/api
  • https://turkeyunlikelyofw.shop/api
  • https://associationokeo.shop/api

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks