General

  • Target

    Laun4er___Pswrd--1231.rar

  • Size

    33.6MB

  • Sample

    240227-f2njwahb87

  • MD5

    453fd9bbbfbfea164a42dee426e9794f

  • SHA1

    49cfef6bf483c3ce0007e5e80826a5eec96c5552

  • SHA256

    0f6f7876e556d8a0aaa9079710e980901cba752cc159f437b16e2d4a44bc693a

  • SHA512

    8124cd65fb01585b1b3c21ede1c9659f4bc566df207a026c9379816f5b7ead4c4ff00d0b9bd997b2b118cfb4dcfbbca1808debbbca478d714d683559a3513aa8

  • SSDEEP

    786432:8YbTvWtBX/D1KVygpK4H7Wmv/+5+eyELqJsul1i+6i/:8YbTvWzYcoCU/+nMsM7R/

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://sermonundressolcow.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      Laun4er___Pswrd--1231.rar

    • Size

      33.6MB

    • MD5

      453fd9bbbfbfea164a42dee426e9794f

    • SHA1

      49cfef6bf483c3ce0007e5e80826a5eec96c5552

    • SHA256

      0f6f7876e556d8a0aaa9079710e980901cba752cc159f437b16e2d4a44bc693a

    • SHA512

      8124cd65fb01585b1b3c21ede1c9659f4bc566df207a026c9379816f5b7ead4c4ff00d0b9bd997b2b118cfb4dcfbbca1808debbbca478d714d683559a3513aa8

    • SSDEEP

      786432:8YbTvWtBX/D1KVygpK4H7Wmv/+5+eyELqJsul1i+6i/:8YbTvWzYcoCU/+nMsM7R/

  Score
  10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks