General

  • Target

    @!ACTIVE!!_9595_ṔḁṨṨCṏḌḙ#.rar

  • Size

    19.1MB

  • Sample

    240225-3kv9qafe96

  • MD5

    b13aacce5e0a9b46793f57ca115c9638

  • SHA1

    d9687185ef8fad6a8c3ab71ded050953b56828d2

  • SHA256

    e51c0e50594ae288081b7ec0d097e8e4635e40748d12aba6f4bd1014d9b34227

  • SHA512

    4f07b31f29ab67025d52e1e734b35406bd444fe43aafb13228e2a1698103bceedea1a145d0938cef7eb8ae11c2cbe0a58cf15eaf92f0b8a9e5df8223b9907bc5

  • SSDEEP

    393216:41xvE/eszIi/sYjsBuyiM8vtvqUwivCcSRGpoh1kBt1JUnwosOZsB:UEo4ssyz8s3nob8vWB

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api
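The four C2 URLs and the two SHA-256 hashes above are the actionable indicators in this report. The script below is an added example, not part of the sandbox output or of any vendor tooling: it loads those IOCs and runs them over a handful of constructed log lines (a simple proxy format and a file-creation event; both formats are assumptions for the example, not a real product's format). Host matching is done on the hostname rather than the full URL, because the `/api` path is shared across all four C2s and is not distinctive on its own, and a subdomain of a listed host is treated as the same infrastructure (also an assumption); the hash match is case-insensitive because tools disagree on hex casing.

```python
"""Match the Lumma IOCs from this report against constructed log lines (added example)."""
import re
from urllib.parse import urlsplit

# IOCs copied from the report above.
LUMMA_C2_URLS = [
    "https://technologyenterdo.shop/api",
    "https://detectordiscusser.shop/api",
    "https://turkeyunlikelyofw.shop/api",
    "https://associationokeo.shop/api",
]
LUMMA_SHA256 = {
    "e51c0e50594ae288081b7ec0d097e8e4635e40748d12aba6f4bd1014d9b34227": "archive (.rar) from this report",
    "bf933ccf86c55fc328e343b55dbf2e8ebd528e8a0a54f8f659cd0d4b4f261f26": "Set-up.exe",
}

# Match on the host, not the full URL: the /api path is common to every C2 here.
C2_HOSTS = {urlsplit(u).hostname.lower() for u in LUMMA_C2_URLS}


def c2_host_for(hostname):
    """Return the listed C2 host that `hostname` belongs to, or None.

    Exact match, or a subdomain of a listed host (assumption: the report lists
    bare hosts, so foo.detectordiscusser.shop is treated as the same
    infrastructure). The leading dot in the suffix check stops
    notdetectordiscusser.shop from matching detectordiscusser.shop.
    """
    h = hostname.lower().rstrip(".")
    for c2 in C2_HOSTS:
        if h == c2 or h.endswith("." + c2):
            return c2
    return None


# Constructed log formats for this example (not from the report):
#   proxy:  <ts> <client_ip> <method> <url> <status>
#   edr:    <ts> <host> FILE_CREATE <path> sha256=<hex>
PROXY_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")
EDR_RE = re.compile(r"^(\S+) (\S+) FILE_CREATE (.+?) sha256=([0-9a-fA-F]{64})$")


def scan_line(line):
    """Return a hit dict for one log line, or None if it matches no IOC."""
    m = PROXY_RE.match(line)
    if m:
        ts, client, method, url, status = m.groups()
        parts = urlsplit(url)
        if not parts.hostname:
            return None
        c2 = c2_host_for(parts.hostname)
        if c2:
            return {"type": "c2", "ts": ts, "src": client, "c2": c2,
                    "host": parts.hostname, "path": parts.path,
                    "method": method, "status": status}
        return None
    m = EDR_RE.match(line)
    if m:
        ts, host, path, sha = m.groups()
        label = LUMMA_SHA256.get(sha.lower())   # tools disagree on hex casing
        if label:
            return {"type": "hash", "ts": ts, "src": host, "path": path, "label": label}
    return None


def scan_logs(lines):
    """Scan an iterable of log lines and return the hits in input order."""
    return [hit for hit in (scan_line(l.strip()) for l in lines if l.strip()) if hit]


# Constructed sample telemetry (raw string: the Windows path contains backslashes).
SAMPLE_LOGS = r"""
2024-02-25T03:40:58Z WS-0412 FILE_CREATE C:\Users\alice\Downloads\Set-up.exe sha256=BF933CCF86C55FC328E343B55DBF2E8EBD528E8A0A54F8F659CD0D4B4F261F26
2024-02-25T03:41:10Z 10.0.0.5 POST https://detectordiscusser.shop/api 200
2024-02-25T03:41:12Z 10.0.0.5 POST https://cdn.detectordiscusser.shop/api 200
2024-02-25T03:41:30Z 10.0.0.7 GET https://example.com/api 200
2024-02-25T03:41:40Z 10.0.0.5 GET https://notdetectordiscusser.shop/api 200
"""

if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS.splitlines()):
        print(hit)
```

Run as-is it reports three hits: the dropped `Set-up.exe` by hash, the direct C2 POST, and the subdomain variant; the `example.com` line and the look-alike `notdetectordiscusser.shop` line produce nothing. Swap `SAMPLE_LOGS` for real proxy or EDR exports once the two regexes are adjusted to that product's format.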

Targets

    • Target

      Set-up.exe

    • Size

      63KB

    • MD5

      ae224c5e196ff381836c9e95deebb7d5

    • SHA1

      910446a2a0f4e53307b6fdeb1a3e236c929e2ef4

    • SHA256

      bf933ccf86c55fc328e343b55dbf2e8ebd528e8a0a54f8f659cd0d4b4f261f26

    • SHA512

      f845dbb13b04f76b6823bec48e1c47f96bcbd6d02a834c8b128ac750fe338b53f775ee2a8784e8c443d49dfcb918c5b9d59b5492a1fe18743b8ba65b7d12514c

    • SSDEEP

      1536:Wio8DVyYs7JZT0uPXn8OS6sIe3ekT5Z240jSZk:WkhyYIJZT0uPXn8OdsIe3c4Ql

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
