General

  • Target

    Set@up#!Files-P@ssw0rD__~2602~_.rar

  • Size

    20.4MB

  • Sample

    240225-3gz4hafe27

  • MD5

    70f0a5e394033d3faeda8aeb8ad68ed8

  • SHA1

    1678d17d55e6289c56a1a379f881cf67d498ed24

  • SHA256

    108781b3559e2800361acfc74df239c054a6081bbbddae19b377bea24abf7c0b

  • SHA512

    2b84e3d1476583f46cc0333b9247be992ac27044dd189388f201004e40428f8b780a4a861b5273153421830ae7a818bca8c7d56eb0c207d0ccea8d4d1fd3c081

  • SSDEEP

    393216:zROVe8uNsLbTY1sEpJpP8jJsQyt/CTK+Ha8Z5jdhf+RYoryxWu:FOVK2UsiJpus/ca8WSoOx

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      Set-up.exe

    • Size

      63KB

    • MD5

      ae224c5e196ff381836c9e95deebb7d5

    • SHA1

      910446a2a0f4e53307b6fdeb1a3e236c929e2ef4

    • SHA256

      bf933ccf86c55fc328e343b55dbf2e8ebd528e8a0a54f8f659cd0d4b4f261f26

    • SHA512

      f845dbb13b04f76b6823bec48e1c47f96bcbd6d02a834c8b128ac750fe338b53f775ee2a8784e8c443d49dfcb918c5b9d59b5492a1fe18743b8ba65b7d12514c

    • SSDEEP

      1536:Wio8DVyYs7JZT0uPXn8OS6sIe3ekT5Z240jSZk:WkhyYIJZT0uPXn8OdsIe3c4Ql

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
