General

  • Target

    Razer Installer.exe

  • Size

    8.6MB

  • Sample

    240227-2fqyrsdc4v

  • MD5

    6cb3320f806aa4d928363e54398eae24

  • SHA1

    a345fd987158dbc192c868e9734739481cfd3cba

  • SHA256

    43242c65da9a98e0b14719b801a4a999214645da2fafe0590d9424b2b7bfbea9

  • SHA512

    c176c1ec0252caf9f48b518fb903cfd02a4d3c4468f7f7168b2e3f284660ce06429b233532ce6fec8a722ed011f1ee0fe0c8316737b6b6a84723513a2aa46d73

  • SSDEEP

    196608:6DwG50vQO/26iZrVG5Jf808zwUIvP4Btk3CDHKhiBm4omLvorU:6cIQQO/DEkf8xzw734BtnSCmlmDT

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://mutterunlikelyoo.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      Razer Installer.exe

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks