General

  • Target: Set-up.exe
  • Size: 785.1MB
  • Sample: 240225-3sft1afg46
  • MD5: ba0e6b416df17415f3ccd6f7a0848a10
  • SHA1: 82b64851271cb6d4770122d1c19b6a7e72aed8af
  • SHA256: 31280918bca075062bac6918b91c0ed7a125b4094825e44746723bc7e4c919bc
  • SHA512: 5c0be6bbe526e0fac33be3ce196862cf67653f261046bb0e1cd3d3ef9f44ca9384da32b0d0239cfab1496fcaadd3833ce0f673058ac234f99ed9d889e0c56bb7
  • SSDEEP: 49152:P+6GEOCYqs7gKN+vcqhC853Tngs+Bds9x6gIpV0ePQBmsQXcgIJm:pGEpY58KN+kovDgs+Bds9PIptXsgR

Malware Config

Extracted

  • Family: lumma
  • C2:
    https://technologyenterdo.shop/api
    https://detectordiscusser.shop/api
    https://turkeyunlikelyofw.shop/api
    https://associationokeo.shop/api

Targets

    • Target: Set-up.exe
    • Size: 785.1MB


    • Lumma Stealer: An infostealer written in C++, first seen in August 2022.
    • xmrig: XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.
    • XMRig Miner payload
    • Creates new service(s)
    • Stops running service(s)
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: Detects executables packed with the UPX (or a modified UPX) open-source packer.
    • Drops file in System32 directory
    • Suspicious use of SetThreadContext

    • Target: #/WeMods.exe
    • Size: 783.4MB
    • MD5: bba91fc1cbfa4bc4730b57e6534063a5
    • SHA1: c42c7dea1d7ba4fd24252cb9f98728b72dbb191a
    • SHA256: 0ad58945a9bd58fd5e779da9365eca6324b42655a8f0e0c19f86508e27c28c6f
    • SHA512: d10fe567dfddc40319feb89d3dd2100bd164ec2cdcb35ce56910e3223548f298266607ff2386f1e4fe982d73520ad427e41353a5cf251802c40bf94bb5eb432e
    • SSDEEP: 98304:avGhcV2/1IyDLZU4X5nMh7LnGnYGZGLyS53rPE:aOn/3DlU2nW7zOHsLywI

    Score: 1/10

MITRE ATT&CK Enterprise v15
