General

  • Target: !Fles-PAsw0rd__6644.rar
  • Size: 5.0MB
  • Sample: 240229-yxqgsabb41
  • MD5: b52d19606747c85c00c43e75fc577535
  • SHA1: e3235af9df736010bb6218a7d2982be691b753d0
  • SHA256: 12cbd33c35c407f7539c51f9d451270d3368b2f3718115336f3d8cda95c5810e
  • SHA512: a39c46c21abf98a6e41fd4994da30ee4c0e03d2e740a14c45096461f3a116cec4ddd8cc7e3bab3d4b9617c5f4453f269757423348a5fe1382f81b103e06d4e14
  • SSDEEP: 98304:JcvF1klHOTl9oYkeo0krBIddJrVaXVd84k1r9sycVcfiCXTODXgZ2G6N:JcvFPvoQbTdJrIXVdBk1r9sycV2iAeXn

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
    https://medalappearancerackw.shop/api
    https://technologyenterdo.shop/api
    https://detectordiscusser.shop/api
    https://turkeyunlikelyofw.shop/api
    https://associationokeo.shop/api

Targets

    • Target: Set-up.exe
    • Size: 446KB
    • MD5: 485008b43f0edceba0e0d3ca04bc1c1a
    • SHA1: 55ae8f105af415bb763d1b87f6572f078052877c
    • SHA256: 12c22ba646232d5d5087d0300d5cfd46fed424f26143a02dc866f1bfceab3c10
    • SHA512: 402652786daae635c7405f5fa0924d768cbde2086f9f57b10f00f921dec98e37168f5c3a6baa5593ba9a478f3971d32747c517ffd485d25634c924e6b08815b1
    • SSDEEP: 12288:vK5+DMJA3TAz4plk9iZOOti81N5y1qMIg+GV5Zul3M:y5+DMJA3TAz4plk9ijK1qlGV7ulM

    Score: 10/10

    Signatures
    • Lumma Stealer
      An infostealer written in C++, first seen in August 2022.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks