General

  • Target

    GitHubLoader.exe

  • Size

    432KB

  • Sample

    240224-mrqd2shd66

  • MD5

    9a25ab8bdaa157c47a64fc2b0a1e443a

  • SHA1

    c96cc57a7bfeaf3415005965974ad721ffebdbbe

  • SHA256

    14123370ea7689a1be3d067a5a53c96c47aaf2573714a08b65a25369a7523517

  • SHA512

    010a8f22d17a7b17afc70c9ed12ca9a532108e99d1f3fb0dc59a0339473395aaf87781d83a14aff4bce751d4b2417f1d0edf16b6afe186ff9c325100058fed41

  • SSDEEP

    12288:yh1Fk70Tnvjc2VlQeYvNdJ5rIHrtrwM/22w:8k70Trc2V96NdcHrtm5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      GitHubLoader.exe

    • Size

      432KB

    • MD5

      9a25ab8bdaa157c47a64fc2b0a1e443a

    • SHA1

      c96cc57a7bfeaf3415005965974ad721ffebdbbe

    • SHA256

      14123370ea7689a1be3d067a5a53c96c47aaf2573714a08b65a25369a7523517

    • SHA512

      010a8f22d17a7b17afc70c9ed12ca9a532108e99d1f3fb0dc59a0339473395aaf87781d83a14aff4bce751d4b2417f1d0edf16b6afe186ff9c325100058fed41

    • SSDEEP

      12288:yh1Fk70Tnvjc2VlQeYvNdJ5rIHrtrwM/22w:8k70Trc2V96NdcHrtm5

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks