General

  • Target

    d6c5410b2d9e45c08deaabe2c3e09c65.bin

  • Size

    3.4MB

  • Sample

    240227-ea23hsfh9t

  • MD5

    dae79360413ba6b36b213cc795bff02c

  • SHA1

    8dd14ee7f59d367b54b72b19306c71c9540831b3

  • SHA256

    253e0758a1beebae3f4c82019717c725f3b03dfb64bef4101c0f5180de40377a

  • SHA512

    ed61d97718203de6584d6a4bda6d75bbd29175ee86df26fbeb0cb4fab411b66ba2ea538f8221c90d32fc4574adc11e650d563d0c7c9c8547b9120ee6add0e9dd

  • SSDEEP

    49152:jWC4BUtHeO0sFhjVzIVowXS3ikmLmmxbhvEuTglOI6HHefQPQrBqQorMfD+ilVFG:EBUb0sFHzIVoEkctvdET2Pqs0H7dfBm

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://scandalbasketballoe.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75.exe

    • Size

      5.7MB

    • MD5

      d6c5410b2d9e45c08deaabe2c3e09c65

    • SHA1

      e7fd29cf3488283bb7b43a31f965b9849c2d55cf

    • SHA256

      f9e3c1a6284370cd7b6f8cb5a54d4d5f639a6fe0eb6c9a293d350e6505a3df75

    • SHA512

      3f4a0ba92a7509a2d84aac0fc4d2c8d80144ccc090c664276acb85db487585419f268bb3b27652cdb88010d72ef5bdf66bf56fbfbdf6f4b4a2b2569cb2c3f325

    • SSDEEP

      98304:rdl0LfzHWvOWzAWG6JgBhbwvU4yBSlT+5fge0RMpxkp:rAzHWvNAWG6k4U4yBWq5fWMpI

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks