General

  • Target: Prestige Client.exe
  • Size: 688.3MB
  • Sample: 240224-n1cpzsbe6x
  • MD5: a078d021bd3d622277ceae8b9e239e0c
  • SHA1: 49a4dba6b4a32820d2ca5da0e8b265113b4e43d7
  • SHA256: 75c12f74970a1ae389354043ca08837c70bb2f0d8bad2f49f77729ab11b25456
  • SHA512: 252fbff0800bc67b518e50366c8babf46b42d0eef16c04086fdf15777407d9254aed1b3d669a3e21aa1bb822c53df6da3b1efcbae75540b78141c16db7b52912
  • SSDEEP: 6144:DW4ZaaTKV9oM5a+LfLIPzqwF4PiwQnGQ0mG1oVnxo/u8:DhdEoMlDOz3q5Q0mrVxom8

Score: 10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target: Prestige Client.exe
    • Size: 688.3MB
    • MD5: a078d021bd3d622277ceae8b9e239e0c
    • SHA1: 49a4dba6b4a32820d2ca5da0e8b265113b4e43d7
    • SHA256: 75c12f74970a1ae389354043ca08837c70bb2f0d8bad2f49f77729ab11b25456
    • SHA512: 252fbff0800bc67b518e50366c8babf46b42d0eef16c04086fdf15777407d9254aed1b3d669a3e21aa1bb822c53df6da3b1efcbae75540b78141c16db7b52912
    • SSDEEP: 6144:DW4ZaaTKV9oM5a+LfLIPzqwF4PiwQnGQ0mG1oVnxo/u8:DhdEoMlDOz3q5Q0mrVxom8

    Score: 10/10

    • Lumma Stealer: An infostealer written in C++, first seen in August 2022.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks