General

  • Target

    SecuriteInfo.com.Variant.Lazy.451471.5749.32688

  • Size

    480KB

  • Sample

    240229-txfv5aeg76

  • MD5

    d81de587581942a6f2c9604c5c8125da

  • SHA1

    2ce68356b7a71abd3f43200ec60c4d865b54d4ee

  • SHA256

    b748181035fabd4e717bb4d8a5b86343758864353c705b386e111036280905a1

  • SHA512

    6cd66b4cd411585ec3481558b96f6d5591aed5c8751eaf6d51a1af05ceee30acc134979406097de44e1eeed76d94d9fd78216056f23c906854b7523b1a57fbf2

  • SSDEEP

    12288:dCAMiZ9afF+oOWcAkvoowwPaDCoSQ+Vf6M8:lZ8cW7hqfHV6M8

Score
10/10

Malware Config (Extracted)

  • Family

    lumma

  • C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      SecuriteInfo.com.Variant.Lazy.451471.5749.32688 (size and hashes as listed under General above)

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext
