General

  • Target

    Adobe Activator.rar

  • Size

    21.7MB

  • Sample

    240226-aacqeafh92

  • MD5

    5f6b7dd22b79277891e74e68b7381872

  • SHA1

    0d3c35aeddc56754fab6c59d33b28a6353596169

  • SHA256

    9126434501232577a62ef622f522bff11897961e8e353b2a658f3cea756daadd

  • SHA512

    47464315fe48e1666657aa31d8d60ba16a3f5bc92dcb5e5b111554dedc29906df53d1a2ea9247873e8193ba24e8016368062a6c84438034054717eec5508025a

  • SSDEEP

    393216:eSpdoO1oVV32V0pSDTxBQOtax1QBphN2cdn7OTPsjsi2leH64/P:eKoUoVV3wTTHv/hN3oT7Ng64n

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://woodfeetumhblefepoj.shop/api

Targets

    • Target

      Adobe Activator/Adobe_Activator.exe

    • Size

      7.0MB

    • MD5

      787ec3310db1f706bf56c6eb7d45f549

    • SHA1

      8ed2f0c25bd78811aabb1a4734eab070fdab9f8c

    • SHA256

      169904adc7f0cd21f441bebb0c962beab9eb8eac091cf74c9f8efc1d181b083b

    • SHA512

      f3f01db130767e293a8c7d089d47e597f146e5423a825132d191ea236cd6367b272b594f1d80e73407c7c36c47bfb4c7e3094819c9cc2693e47889f031f73e07

    • SSDEEP

      98304:Im9QW8nXDB0HUcamHCUc1ge+Qm1DpU4Oj+eEpCz:I0QW8XeHFa0iYQF427Eoz

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks