General

  • Target

    1nstaller.exe

  • Size

    306KB

  • Sample

    240225-2rhfrsee64

  • MD5

    b07e22aaa52b91ee83104aa01ff4e917

  • SHA1

    a0ec67be3798a2635dbfe068c2ac64bf64945419

  • SHA256

    a32091f0369a7cf43e1d12cb0bbaf4263d6aeff67331046e507ca16f85b470f1

  • SHA512

    e430cc080743e1240707ef92cf867daf66aec5f73429176ea88dc091919a4019c2815d63023b48902d4c98950e1b4019831e68b70bd72376967d40f31b8294a6

  • SSDEEP

    6144:IfGcMPCUXAxodysIxTbj3W//hkk/Gmoy0DSROwOfUzGXgmNxI:zceXAokbjiumobDTJfPbA

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api
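The extracted config above gives a practitioner two things to hunt on: the C2 domains (key on the hostname, not the full /api URL, since the path is trivial to change) and the file digests. The following is an added example, not part of the sandbox report or of Lumma itself: it reduces the listed C2 URLs to domains, matches them against proxy/DNS log lines (including subdomains), and checks a file's digests against the ones listed on the page. The log lines are constructed for illustration, and the log format and function names are assumptions.

```python
import hashlib
import re
from urllib.parse import urlparse

# C2 URLs exactly as extracted from the sample's Lumma config (from the page).
LUMMA_C2_URLS = [
    "https://technologyenterdo.shop/api",
    "https://detectordiscusser.shop/api",
    "https://turkeyunlikelyofw.shop/api",
    "https://associationokeo.shop/api",
]

# Digests of 1nstaller.exe as listed on the page.
SAMPLE_HASHES = {
    "md5": "b07e22aaa52b91ee83104aa01ff4e917",
    "sha1": "a0ec67be3798a2635dbfe068c2ac64bf64945419",
    "sha256": "a32091f0369a7cf43e1d12cb0bbaf4263d6aeff67331046e507ca16f85b470f1",
}

# Crude hostname extractor: label(s) followed by an alphabetic TLD.
# Dotted IPv4 addresses and timestamps do not match.
HOST_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.IGNORECASE)


def c2_domains(urls=LUMMA_C2_URLS):
    """Reduce the C2 URLs to bare, lower-cased hostnames."""
    return {urlparse(u).hostname.lower() for u in urls}


def host_matches(host, domains):
    """True for an exact C2 domain or any subdomain of one (e.g. api.associationokeo.shop)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def scan_log_lines(lines, domains=None):
    """Return (line_number, matched_host) for every log line that names a C2 domain.

    Hostnames are pulled out with HOST_RE, so this works on any line-oriented
    proxy or DNS log that contains them; one hit per line is reported.
    """
    domains = domains or c2_domains()
    hits = []
    for n, line in enumerate(lines, 1):
        for host in HOST_RE.findall(line):
            if host_matches(host, domains):
                hits.append((n, host.lower()))
                break
    return hits


def file_hashes(data):
    """MD5/SHA1/SHA256 of a file's bytes, keyed like SAMPLE_HASHES."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def is_sample(data):
    """True only if every listed digest matches.

    One digest is enough to identify the file; requiring all three also
    catches a transcription error in the copied hashes.
    """
    h = file_hashes(data)
    return all(h[k] == v for k, v in SAMPLE_HASHES.items())


# Constructed log lines (assumed format, not real telemetry): a DNS lookup and a
# POST to the first C2, a benign request, and a lookup of a C2 subdomain.
SAMPLE_LOG = [
    "2024-02-25T22:41:12Z 10.0.0.15 dns query A technologyenterdo.shop",
    "2024-02-25T22:41:13Z 10.0.0.15 POST https://technologyenterdo.shop/api 200 1532",
    "2024-02-25T22:41:20Z 10.0.0.15 GET https://www.microsoft.com/ 200 48211",
    "2024-02-25T22:42:01Z 10.0.0.22 dns query A api.associationokeo.shop",
]

if __name__ == "__main__":
    for n, host in scan_log_lines(SAMPLE_LOG):
        print(f"line {n}: contact with Lumma C2 domain {host}")
    # An empty file is obviously not the sample; pass real file bytes here.
    print("is_sample(empty):", is_sample(b""))
```

Lumma operators rotate C2 domains frequently, so the four domains above identify this sample's campaign rather than the family; treat a hit as high-confidence for this configuration and pair it with the behavioural signals in the report (the SetThreadContext signature below) for broader coverage.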

Targets

    • Target

      1nstaller.exe

    • Size

      306KB

    • MD5

      b07e22aaa52b91ee83104aa01ff4e917

    • SHA1

      a0ec67be3798a2635dbfe068c2ac64bf64945419

    • SHA256

      a32091f0369a7cf43e1d12cb0bbaf4263d6aeff67331046e507ca16f85b470f1

    • SHA512

      e430cc080743e1240707ef92cf867daf66aec5f73429176ea88dc091919a4019c2815d63023b48902d4c98950e1b4019831e68b70bd72376967d40f31b8294a6

    • SSDEEP

      6144:IfGcMPCUXAxodysIxTbj3W//hkk/Gmoy0DSROwOfUzGXgmNxI:zceXAokbjiumobDTJfPbA

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext (an API commonly used in process injection and hollowing to redirect a suspended thread's execution)

MITRE ATT&CK Enterprise v15

Tasks