General

  • Target: 901610c36cdd51920d427192db07c9eb8f0d2476b5e0c537fbb452492008e879.exe
  • Size: 6.7MB
  • Sample: 240229-f93c1afh71
  • MD5: 04474486e533db51f7f1ff0f8719a062
  • SHA1: 0ff77213cc09ff09381980bc9df5dd3f0ca96131
  • SHA256: 901610c36cdd51920d427192db07c9eb8f0d2476b5e0c537fbb452492008e879
  • SHA512: 6833d094af2654319561335eed7a79ef5e0f0726877bde5de68d201977552bc710bf046e2857e80aa462e0baf73487a74433e566759dfaca8c37b474cd7c2868
  • SSDEEP: 98304:x6hItKsKxu0hQCmgKec8oLsLS7gf07eA7LUC/yY6:whItKrw0hRcN4kgRCaT

Score: 10/10

Malware Config

Extracted

Family: lumma

C2:
  • https://woodfeetumhblefepoj.shop/api
  • https://technologyenterdo.shop/api
  • https://detectordiscusser.shop/api
  • https://turkeyunlikelyofw.shop/api
  • https://associationokeo.shop/api

Targets

    Score: 10/10

    • Detect ZGRat V1
    • Lumma Stealer: an infostealer written in C++, first seen in August 2022.
    • ZGRat: a remote access trojan written in C#.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
