Resubmissions

  • 25-02-2024 20:08 — 240225-ywzztsbg51 (score 10)

  • 25-02-2024 19:49 — 240225-yj4r9aag68 (score 10)

General

  • Target

    GENP4.2.exe

  • Size

    104.5MB

  • Sample

    240225-ywzztsbg51

  • MD5

    52d11dbac46ec385e0a0860cc4f4d5ea

  • SHA1

    1f7ef23ae7036105f4408de7ad3d7ff32ca5d824

  • SHA256

    4e756fe5adb15ac6a8fff1a1c468e1335cdafd085fc749c177b3ad792a289cf5

  • SHA512

    2f2b218fccef32e743ed2fb9a1d40b99a8c75b5de3dcc315bd63cd4c5d825402aa41f1806d372ebd6d94668958b7f8d7b39bfbe600f8fe4b13a7efceb8f4d4e9

  • SSDEEP

    393216:v3zalStgJgk4BmIlKNTFhVDnE8xqq1qgi7AESG7AZ9bmqvg67Mbv6H:v3zalStzk4gIiTF3E8xqTSxZCLbvs

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://legatorypluralishrtw.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      GENP4.2.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext
