Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

valoskin/h...er.exe

windows7-x64

1

valoskin/h...er.exe

windows10-2004-x64

1

valoskin/spoofer.exe

windows7-x64

3

valoskin/spoofer.exe

windows10-2004-x64

10

valoskin/test.dll

windows7-x64

1

valoskin/test.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    valoskin.zip

  • Size

    317KB

  • Sample

    240223-d3zmesae5w

  • MD5

    1d6d8e1a9b1ec74a9c03848bae2911b0

  • SHA1

    4b5802f378a0c1b8d114a89951c1d27a6f51f3fd

  • SHA256

    9593415e3c59bccf5b942204c21bf3b60b727868cd9bbd28efa10b045f838d7f

  • SHA512

    842c0444d4959c1cdcbc58a7a5dfbe721e597ca94cede3170a8215ba9f3b7a0136f496a70351c1c0126871d6807ecfd8aef78c23fc4baa78becd1eaff0a64d36

  • SSDEEP

    6144:KdRXAFA/H6W+r13lKhJumiJ1zPk5rY+WcCQSSqxVU9dKVsNIwm0M08:+Jr+B3lSurLzb+mQSSqQXKVW7M1

Score
10/10
lummapersistencestealer

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      valoskin/hookloader.exe

    • Size

      14KB

    • MD5

      2d81016e823c1f2983b70902d510e2cb

    • SHA1

      c83763ce1f16bee1b4c63ff80a181dc1b40e0d27

    • SHA256

      1eb27116f207a0701aec816404a6c5ede66550231b2b7bf84981d353cba35d9a

    • SHA512

      8df567b6f153d0cc738c2da1c7caa6d906af5656455c6fc17e51b0d4f43d18e757ea2f74843bd3d7e0791e9ec488136ac01fa3c0aebec8b2eef4789a84f95491

    • SSDEEP

      192:jd326f/bCoq+IeXCutfAkIUNzEa5UK4PiaAws681iW5tfqXU/H:x326f/Goq+IQjfLvNWKc7

    Score
    1/10
    behavioral1behavioral2

    • Target

      valoskin/spoofer.exe

    • Size

      425KB

    • MD5

      168d7b4ca5c63b61d5f48f0911868b2c

    • SHA1

      daf966bd0ac55c862ce5574ee7d5420123ac94e4

    • SHA256

      601c05bd2d1c908d123dac33d1c15552c138acb294124cbdd86b12c9f35e2655

    • SHA512

      da5ebb40849fedafc5a3ac7c48a0142c6eb5ccefe788b6c07491a757aa9e9b4f3d8b76e1dacf0600a833aade05c309b9661e8fd40080d4ba8f4cf4ea3d59900f

    • SSDEEP

      12288:jLJ/KPJxO9j7MIFyKz3mBEP5KpPbDC0dGhKcYtmS2:jcPYsIUOwtb1whlt

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma
    behavioral3behavioral4

    • Target

      valoskin/test.dll

    • Size

      157KB

    • MD5

      0605f348e17e22178b57014a83e624dc

    • SHA1

      f4a1cdbb02e9dba0ae01177dd156a653bd06dd8c

    • SHA256

      7343c8572b9d2cabf54ef5ba0dce2f7b2931504c40dba057e33e4780817a3cf2

    • SHA512

      ec437462de560edccd3e55eab7126015b1a2f741a4aee87d08aacb0790bead51efa7df236c366a5935c9b60a9094dbe84ba6a2f0ad428e2babd8a1ea181ad14c

    • SSDEEP

      3072:3Nk1JmVsIgx7j1GefCDMYAxe6rXEH0RhRhRq:6mWIgx7j1GeaoYA3Ln

    Score
    7/10
    persistence
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.