General

  • Target

    Raysen hack v4.25.exe

  • Size

    316KB

  • Sample

    240225-3sv9pagd4z

  • MD5

    e7052b436d8595be3f633ec09ee94f86

  • SHA1

    ed714e69c31d3edc72b5a9e98ce272d3acf4c149

  • SHA256

    23e73ae9cda237a77ce26e505001f4acd231e4c4c68beef23dbddc49c4a6fa8a

  • SHA512

    5e2ae48f49386cb8cd489309f77cbe5f557759ebca9b827c0c1152307303b8c33f82b20a5c17b8a28e039474588fd6408131dd651e2f4575694d2279bef7c51f

  • SSDEEP

    6144:0o2v1MiNouQB2Qo7j3nJIgrPGm4fOAy+8R2FwUqF/JNaGUkedQuZt:big257j3nJp4fLy+tJjvkIQuZt

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api
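The extracted config above gives four HTTPS C2 endpoints plus the sample's digests. The Python below is an example added to this report, not tooling from the sandbox vendor or anything taken from the malware itself: it reduces the C2 URLs to hostnames (the `/api` path sits inside TLS, so DNS queries and TLS SNI are what a defender can actually observe), checks a file's digests against the report, hunts a few constructed DNS/proxy log lines for the C2 domains and their subdomains, and emits Suricata `dns.query` rules. The log format, the `query=`/`host=`/`dst=` field names and the rule SIDs are assumptions for the demo.

```python
"""Hunt for the Lumma C2 hosts and verify the sample hash from the report above.

Added example for this report; not sandbox-vendor tooling and not part of the
malware. The log lines below are constructed for the demo.
"""
import hashlib
import re
from urllib.parse import urlparse

# Hashes and C2 URLs exactly as listed in the report above.
REPORT_HASHES = {
    "md5": "e7052b436d8595be3f633ec09ee94f86",
    "sha1": "ed714e69c31d3edc72b5a9e98ce272d3acf4c149",
    "sha256": "23e73ae9cda237a77ce26e505001f4acd231e4c4c68beef23dbddc49c4a6fa8a",
}
C2_URLS = [
    "https://technologyenterdo.shop/api",
    "https://detectordiscusser.shop/api",
    "https://turkeyunlikelyofw.shop/api",
    "https://associationokeo.shop/api",
]


def c2_hosts(urls):
    """Reduce the C2 URLs to bare hostnames: with HTTPS C2 the '/api' path is
    inside TLS, so DNS queries and TLS SNI are what defenders actually see."""
    return {urlparse(u).hostname.lower() for u in urls}


def file_hashes(data):
    """Compute the same digests the report lists, for comparing a file on disk."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def matches_report(data, report=REPORT_HASHES):
    """True only if every digest agrees with the report (one mismatch rejects)."""
    computed = file_hashes(data)
    return all(computed[name] == digest for name, digest in report.items())


# Constructed DNS and proxy log lines (not from a real environment; assumed format).
SAMPLE_LOGS = """\
2024-02-25T03:51:02Z dns client=10.0.0.17 query=technologyenterdo.shop type=A
2024-02-25T03:51:03Z proxy client=10.0.0.17 host=associationokeo.shop method=POST path=/api status=200
2024-02-25T03:51:05Z dns client=10.0.0.22 query=example.com type=A
2024-02-25T03:51:09Z dns client=10.0.0.17 query=cdn.turkeyunlikelyofw.shop. type=A
"""

# Pull the hostname out of 'query=', 'host=' or 'dst=' fields (assumed field names).
HOST_RE = re.compile(r"\b(?:query|host|dst)=([A-Za-z0-9.-]+)")


def hunt(log_text, hosts):
    """Return (line_number, host) for each line whose host is a C2 domain or a subdomain of one."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = HOST_RE.search(line)
        if not m:
            continue
        host = m.group(1).lower().rstrip(".")  # normalise case and trailing dot
        if host in hosts or any(host.endswith("." + h) for h in hosts):
            hits.append((lineno, host))
    return hits


def suricata_rules(hosts, base_sid=9000000):
    """Emit one Suricata dns.query rule per C2 domain. SIDs are placeholders in the local range."""
    rules = []
    for i, host in enumerate(sorted(hosts)):
        rules.append(
            'alert dns any any -> any any (msg:"Lumma Stealer C2 DNS lookup {h}"; '
            'dns.query; content:"{h}"; nocase; endswith; '
            'classtype:trojan-activity; sid:{sid}; rev:1;)'.format(h=host, sid=base_sid + i)
        )
    return rules


if __name__ == "__main__":
    hosts = c2_hosts(C2_URLS)
    for lineno, host in hunt(SAMPLE_LOGS, hosts):
        print("line %d: C2 host %s" % (lineno, host))
    print("\n".join(suricata_rules(hosts)))
```

The subdomain match in `hunt` is deliberate: the config only lists apex `.shop` domains, and a resolver log may show a host under one of them. Treat a sandbox-extracted C2 list as point-in-time; re-run the extractor on newer samples before relying on these four domains alone.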

Targets

    • Target

      Raysen hack v4.25.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022. The config extractor above recovered four HTTPS C2 endpoints from this sample.

    • Suspicious use of SetThreadContext

      The sample calls SetThreadContext, which overwrites a thread's register state (including the instruction pointer). Legitimate software rarely needs it, and it is a standard step in process hollowing and thread hijacking (MITRE ATT&CK T1055, Process Injection).
