General

  • Target

    VALLACUC.zip

  • Size

    3.2MB

  • Sample

    240226-w33m7acf99

  • MD5

    348cc3f23e8ca100515dc926beff4ead

  • SHA1

    8e918e3a02196535dcdb0df1b6b2bb352c9100bc

  • SHA256

    af5b6c05d1f194eb059920b06e8f8a4182383c3da2e1ef1a0c56a46f028425aa

  • SHA512

    ea3952c6405942ce755749c71d7d8aee786061535ce3ec3a0447d146dab6d61f82e2126e71e7155cecf45d088c5e85a7e19f2cd32789f18840d5b2099313c1a7

  • SSDEEP

    98304:k8b43Dhxc7Zky67b44euxN6O2U3yQ9qPSlJN:k8czhxc7Zk7v9xNbUqn

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      VALLACUC.zip

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Sets service image path in registry

    • Executes dropped EXE
