General

  • Target

    d6c5410b2d9e45c08deaabe2c3e09c65.exe

  • Size

    5.7MB

  • Sample

    240225-j4zxgagc2s

  • MD5

    d6c5410b2d9e45c08deaabe2c3e09c65

  • SHA1

    e7fd29cf3488283bb7b43a31f965b9849c2d55cf

  • SHA256

    f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75

  • SHA512

    3f4a0ba92a7509a2d84aac0fc4d2c8d80144ccc090c664276acb85db487585419f268bb3b27652cdb88010d72ef5bdf66bf56fbfbdf6f4b4a2b2569cb2c3f325

  • SSDEEP

    98304:rdl0LfzHWvOWzAWG6JgBhbwvU4yBSlT+5fge0RMpxkp:rAzHWvNAWG6k4U4yBWq5fWMpI

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://scandalbasketballoe.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks