General

  • Target

    aacefe4ae373036c3e23620129e50cf6

  • Size

    708KB

  • Sample

    240228-dbe4pshe5t

  • MD5

    aacefe4ae373036c3e23620129e50cf6

  • SHA1

    11097468fd9ca197fab0143c57c104bf405f0ad8

  • SHA256

    f04163d3230ca321dc4ea34face533f98f92391b487967e7c8f8427ea0fc0be0

  • SHA512

    1fb656d80913bf090f1d04ef3366c67bf94ae70746e384416b10bdc29823c1f646fad7e9b1fdb408e51e253665eb37a7b1983f8ef4152644dccbd274e98f9958

  • SSDEEP

    12288:YAPYGIQua+9lxkHkhdGQ6oK0XBitmTu+TZRt3oaloE3noAwVyTivQPfsNG0JQ:KGls9wEnGQ9KsHRt3oaCEXoRyIQPfaW

Malware Config

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Modifies security service

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks