General

  • Target

    Project.rar

  • Size

    26.9MB

  • Sample

    240226-1tvy7shb24

  • MD5

    47a9cfffdd0a52e41b30ce0c0e55b5a9

  • SHA1

    d021796951b654b6cce903e2c3d09c0b6317a13f

  • SHA256

    86c9a0488a40c0e9d5133782612ad16394510d56d9cb1f86959a3125af959f9a

  • SHA512

    a0ce369e19d3f0345581e4a841f10aeb766e5f292e1071d08f08fe7c835b2da64b822defbb8e72488e2c8de3283588f22ef02d40ba42874a969e4eec0be51c38

  • SSDEEP

    786432:zkx5GNjQV5F0r8uyDW2iStGkztaWeVYS4rlHaWY:ZjQ6r85DWcGiayZZ6WY

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      GitHubLoadTool/GitHubLoader.exe

    • Size

      432KB

    • MD5

      9a25ab8bdaa157c47a64fc2b0a1e443a

    • SHA1

      c96cc57a7bfeaf3415005965974ad721ffebdbbe

    • SHA256

      14123370ea7689a1be3d067a5a53c96c47aaf2573714a08b65a25369a7523517

    • SHA512

      010a8f22d17a7b17afc70c9ed12ca9a532108e99d1f3fb0dc59a0339473395aaf87781d83a14aff4bce751d4b2417f1d0edf16b6afe186ff9c325100058fed41

    • SSDEEP

      12288:yh1Fk70Tnvjc2VlQeYvNdJ5rIHrtrwM/22w:8k70Trc2V96NdcHrtm5

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      GitHubLoadTool/Microsoft.Windows.SDK.NET.dll

    • Size

      18.9MB

    • MD5

      e3bbbd3dd68e311dab9cec40238654ca

    • SHA1

      48390edd79e91be8d005f40ddbd15eca722c554a

    • SHA256

      7298108b972bd8004bf8326994f3a7f045aed53958c0ca425d3b38e67d8560ca

    • SHA512

      ded56aa0852460edd3c6aad192ad27ad21490f1c9adb8ca45b5db308c25942f432fcd43558d37d17c2be9c3daa4c7c344e99b2ad0205826d602bf6c14d744a73

    • SSDEEP

      98304:ZDMFTsDdHH2zd38coosB9+clVti1572MsGWSsmji3YGbvOStGqwCy/:tMFTsDdHsGdfSXWgjcrtGzB

    Score
    1/10

    • Target

      GitHubLoadTool/PresentationCore.dll

    • Size

      8.3MB

    • MD5

      e85a5ff99fd7a6ae9619138293e1cfea

    • SHA1

      d1edceeeb255acffe14ad2c4eb4fe2a0a911dfd0

    • SHA256

      a70e09031ef5ee4a2d79659aabe5d1ebef48effe2705a6f97c37c5c46cda9473

    • SHA512

      b3380cbb8a400562ca9d9ad1a4ebc0167aa16616652162d0f5a9a7a543c52b97b5bf6687a0f63ee913ce73ac61c5bde1375ca317e11457bdbb681a0bf02d435f

    • SSDEEP

      98304:pMjCcXTptNahnVJZRCMVB6cljg+n1SUFTLAFvxGV:pMW6Tv8hnVtVV8cljB1hyFvxo

    Score
    1/10

    • Target

      GitHubLoadTool/PresentationFramework.dll

    • Size

      15.5MB

    • MD5

      2b68c0520a9076b2b4f71a767596bb89

    • SHA1

      284c08abb3ec37677857423b75fba5e58eb08037

    • SHA256

      b054a9f4cbf2edce6749e2a55b028fce302d767722b08a30a923c9783cde63fc

    • SHA512

      eaea44fae8047fae79b0d5fcceb3cc5e998de6556236604e76d00188aceb293e203981de4992eb393026e2f3efc10dae583f13c7c1266f112ca02f50f515c443

    • SSDEEP

      196608:FlWCjV9KuqWbv7sA/k5XvCxpLy/rbVbrePpRPoKbRh9ZlQCrjzwV:FlTzRv7sA/k50Ly/rbxiP/oK9B2

    Score
    1/10

    • Target

      GitHubLoadTool/System.Private.CoreLib.dll

    • Size

      10.1MB

    • MD5

      9a3a2948d2f3d14284fdd685f79b20bd

    • SHA1

      fb7db128c6aec42d7390f9f5f43c34a7210d01db

    • SHA256

      e0e2c63cb07fb55c4e0e27b9eeb7eefc9328a0e84375e1434cdea21c04f0c2e4

    • SHA512

      9ce40425eac0a6065d9420d5cf09c4c4c96d4b0f7697817e91d3041a08cbe102636760ca56904470740289cbf14c8db3080ace5b3c45651520ce6029d8e250bc

    • SSDEEP

      196608:xLMqRWES1akA9uKSFm9rH13KLy/Y4eEA7Gvs:xYJrdA9u/Fm9rH13KLy/iuk

    Score
    1/10

    • Target

      GitHubLoadTool/System.Private.Xml.dll

    • Size

      8.1MB

    • MD5

      6756087e071532303f7001b6e5970538

    • SHA1

      bcdb033ebd460ddb70cc8986def9c5e5dedc2502

    • SHA256

      320e661c03bd44c9cbeccefa20dfeccc6c7ceebf06a76510e120d37208d61054

    • SHA512

      0eb38ae862bfce0628feea7604475ad7019f2e4f652cfc20b34bb37f1fcead271792a9a5d06eb9f30ab95136ff4557f6a9fa8ecb43910c9d3d2eca3691f5219d

    • SSDEEP

      98304:0O19UozmSP0P8NkPC0TaFqZlH/5WyEeKQnz6:hmSP0UNkP1YQf5WleJnO

    Score
    1/10

    • Target

      GitHubLoadTool/System.Windows.Forms.dll

    • Size

      12.7MB

    • MD5

      40ebeba76ec2a39637601eaaada6ef8b

    • SHA1

      d5d657039adcd0479f5be94cfa13fcd05209bf61

    • SHA256

      d103d2a1a3257c74d3d0871f9fab132471769d42bd45853cc2be0c1f93eb0c07

    • SHA512

      c4a2b8521315a9fd7f76e97de717fb59792cc54fbf9a87a5da85099f5b84b239353a2749478249e6d57b9ba349ff913ce9222e9626499be3ad67b69704a172e3

    • SSDEEP

      98304:3NK9ZCIDc//2yoIV5dGGQWbqTRvblXhZupwo3uO+pHomQ:3E9Agc//22V5dG1lGwo3IHoj

    Score
    1/10

    • Target

      GitHubLoadTool/grpc_csharp_ext.x64.dll

    • Size

      12.1MB

    • MD5

      88dc6caa0d47e61c8263ab01a2ca12a9

    • SHA1

      84d6b4573f9e0ae8c051280ce903e613cf3d6673

    • SHA256

      4133225f8e65114926a1f8dfe5e1382186b4150de393cfb9476d32cf45ee05e6

    • SHA512

      1df929fabdeee0c344074f9cafef64382fc3d917e3601c84dfb986675939597eea4a5b426e91adc57a4ca00fbae3274d6b6f1c5c478ca9e2f8322890951b5889

    • SSDEEP

      49152:0XF7DtS9vroZBNvi0lqrOtw0Xcww1V8WIf+6MS3aY8wd8uBV4iNSGnl64uRR1b8X:u7e0rvru1Qfhuxb9AZia3BMwHkP+NLuS

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks