General

  • Target

    BlоxFruit.exe

  • Size

    60.0MB

  • Sample

    240227-tg1wcsdf4s

  • MD5

    176ea575f60d1152fd8ca3848e201c60

  • SHA1

    307cf19bf9b5cd6c4721f339baf7d34b9b9f53d9

  • SHA256

    dc0ed55c15a3f289fff28c858d613d2a25153eb6a79a0dbeea0f7feb6c1b9a46

  • SHA512

    fc0177a5c4a40f4e6555ece0f4ed399dce2595bf353622b17ea88b00d596e1c7044a1e2e6da2f9acbb26a7b14f7a223bca35a385eb339cc297a1a8081208a31a

  • SSDEEP

    393216:LolUwIZZQkvsMjh/kwp022I6sY9P7lfhYa2o:LolUwIrOYdk3+ixJYa

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://sermonundressolcow.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks