Resubmissions

26-02-2024 00:08    240226-ae7fksgf7v    score 10

25-02-2024 23:55    240225-3yqldsfh43    score 10

General

  • Target

    Galaxy_Cheats_Installation_V4.2_beta.exe

  • Size

    61.3MB

  • Sample

    240225-3yqldsfh43

  • MD5

    3803aa667181618c6335c21ea99953d7

  • SHA1

    3d230345adeceece8f9c09176d2887dee9f617a6

  • SHA256

    c13b654d7ce1a730c415ea42b8f8ab08cbb52265914ffe2b186de6e7c9045769

  • SHA512

    a484a9e8f50c3c53cb5d21df1f28d85384c0b7b895bf81afec2df920343e91268bf11377fa897924c4feac1b9ad78c762aa7811c5dcc713d9016c4c2aa36673d

  • SSDEEP

    6144:rJWa3CiGaT/FgbTRAW7t+76okkTqXtwpwvjSUSXRHydG:FB3sduR7/yKpejSUaRHyU

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api
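The extracted configuration gives two kinds of indicator: the file hashes of the sample and the four C2 endpoints Lumma posts to. As an added example that is not part of the sandbox report, the Python below turns those indicators into a small matcher: it hashes file contents and compares them with the report's hashes, and it scans proxy log lines for the C2 domains (including subdomains, but not look-alike suffixes). The log line format and the sample log lines are constructed for the example.

```python
import hashlib
import re
from urllib.parse import urlparse

# File hashes of the sample, copied from the report above.
SAMPLE_HASHES = {
    "md5": "3803aa667181618c6335c21ea99953d7",
    "sha1": "3d230345adeceece8f9c09176d2887dee9f617a6",
    "sha256": "c13b654d7ce1a730c415ea42b8f8ab08cbb52265914ffe2b186de6e7c9045769",
}

# C2 URLs from the extracted Lumma config above. Only the host part is used for
# matching: the /api path is shared across Lumma campaigns, the domains are not.
LUMMA_C2_URLS = [
    "https://technologyenterdo.shop/api",
    "https://detectordiscusser.shop/api",
    "https://turkeyunlikelyofw.shop/api",
    "https://associationokeo.shop/api",
]
C2_HOSTS = {urlparse(u).hostname for u in LUMMA_C2_URLS}


def file_hashes(data: bytes) -> dict:
    """Compute the same three digests the report lists for a file's bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_known_sample(data: bytes) -> set:
    """Return the names of the digests that match the report's sample.

    SHA-256 is the one to trust; MD5 and SHA-1 are kept only because the report
    lists them and older feeds still key on them.
    """
    computed = file_hashes(data)
    return {name for name, value in SAMPLE_HASHES.items() if computed[name] == value}


def is_c2_host(host: str) -> bool:
    """Exact C2 domain or a subdomain of one; 'c2.shop.example.net' is not a hit."""
    host = host.lower().rstrip(".")
    return host in C2_HOSTS or any(host.endswith("." + c2) for c2 in C2_HOSTS)


# Assumed proxy log format (constructed for this example):
#   <timestamp> <client_ip> <method> <url> <status>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def find_c2_hits(lines):
    """Yield (timestamp, client_ip, host, url) for every request to a Lumma C2 host."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than crash the sweep
        host = urlparse(m["url"]).hostname
        if host and is_c2_host(host):
            hits.append((m["ts"], m["src"], host, m["url"]))
    return hits


# Constructed sample log lines; the timestamps follow the report's analysis date.
SAMPLE_LOG = [
    "2024-02-26T00:10:02Z 10.0.0.15 POST https://technologyenterdo.shop/api 200",
    "2024-02-26T00:10:03Z 10.0.0.15 GET https://www.example.com/ 200",
    "2024-02-26T00:10:05Z 10.0.0.22 POST https://cdn.associationokeo.shop/api 200",
    "2024-02-26T00:10:06Z 10.0.0.30 GET https://detectordiscusser.shop.example.net/ 200",
    "this line is not a proxy record",
]


if __name__ == "__main__":
    for ts, src, host, url in find_c2_hits(SAMPLE_LOG):
        print(f"{ts} {src} -> Lumma C2 {host} ({url})")
    print("hash match against constructed bytes:", match_known_sample(b"not the sample"))
```

Lumma operators rotate the C2 domains frequently, so the domain list should be refreshed from each new config extraction rather than treated as stable; the hashes identify only this build of the dropper and will not catch the next one.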

Targets

    • Target

      Galaxy_Cheats_Installation_V4.2_beta.exe

    • Size

      61.3MB

    • MD5

      3803aa667181618c6335c21ea99953d7

    • SHA1

      3d230345adeceece8f9c09176d2887dee9f617a6

    • SHA256

      c13b654d7ce1a730c415ea42b8f8ab08cbb52265914ffe2b186de6e7c9045769

    • SHA512

      a484a9e8f50c3c53cb5d21df1f28d85384c0b7b895bf81afec2df920343e91268bf11377fa897924c4feac1b9ad78c762aa7811c5dcc713d9016c4c2aa36673d

    • SSDEEP

      6144:rJWa3CiGaT/FgbTRAW7t+76okkTqXtwpwvjSUSXRHydG:FB3sduR7/yKpejSUaRHyU

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022. The C2 URLs listed above come from its extracted configuration.

    • Suspicious use of SetThreadContext

      Rewriting another thread's context is a standard step in process injection and hollowing, where the main thread of a suspended process is pointed at attacker-controlled code; this is why the sandbox flags the call.

MITRE ATT&CK Enterprise v15

Tasks