General

  • Target: @!Files_PAsw0rdZ_6914.zip
  • Size: 19.1MB
  • Sample: 240226-atb8zsha2y
  • MD5: c7279eb2a9fe112754bba8cffe08890a
  • SHA1: 017838961468773fda872b4b2c68189ccc41c83e
  • SHA256: 4b8d50412e0c5fa8280bc0a149f6318b348fc60f636caa43112cd3171a4a040b
  • SHA512: 5a55a9b71674fbf0e7faad0b6dff7fc39cd70ad3dff36f168285b298db8f2c8d8b3db5a95b05b0c89d7a31bd5a685a49fea441458a1b3544146c4ebb30505330
  • SSDEEP: 393216:uNZkEwrFjjaPSX6jpDk+sVyRUq+aMGulyC/cLSBc3ZBdgiUKd:uNSrrNaPR1DkHy6LlyC/+XpBSi

Score: 10/10

Malware Config (Extracted)

  • Family: lumma
  • C2:
    https://technologyenterdo.shop/api
    https://detectordiscusser.shop/api
    https://turkeyunlikelyofw.shop/api
    https://associationokeo.shop/api

Targets

    • Target: Setup_Full-Free.exe
    • Size: 63KB
    • MD5: ae224c5e196ff381836c9e95deebb7d5
    • SHA1: 910446a2a0f4e53307b6fdeb1a3e236c929e2ef4
    • SHA256: bf933ccf86c55fc328e343b55dbf2e8ebd528e8a0a54f8f659cd0d4b4f261f26
    • SHA512: f845dbb13b04f76b6823bec48e1c47f96bcbd6d02a834c8b128ac750fe338b53f775ee2a8784e8c443d49dfcb918c5b9d59b5492a1fe18743b8ba65b7d12514c
    • SSDEEP: 1536:Wio8DVyYs7JZT0uPXn8OS6sIe3ekT5Z240jSZk:WkhyYIJZT0uPXn8OdsIe3c4Ql

    Score: 10/10

    • Lumma Stealer: an infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
