General

  • Target

    redirect

  • Size

    6KB

  • Sample

    240229-x8mplaac61

  • MD5

    aac55256601509bc233f75481d76224d

  • SHA1

    4374db07dd1515a1f79ea93d0086ee1aecd0ec38

  • SHA256

    9663f55444754c564cd937a118642e272c55e54e52be364044adf2a8aa6fa819

  • SHA512

    51c61c762aa2e892ea03a8425d2722632ed5d1c420380f0596b80a8cf0652f9141ec9884e84e2537dce3ed33d9b3c9c25f222575e335714dc993ff30f3d11eb8

  • SSDEEP

    192:dlHLxX7777/77QF7iyrf0Lod4BYCIpxOhXU+:dlr5HYF0+CIpxOhXf

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://woodfeetumhblefepoj.shop/api

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks