Overview

overview

10

Static

static

10

SecuriteIn...32.exe

windows7-x64

10

SecuriteIn...32.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.22132.9761

  • Size

    499KB

  • Sample

    240301-pttwcsga8z

  • MD5

    764f801b0842d8fe564f01a81cfe4526

  • SHA1

    d3cd929c42f808c1ddfdef4d8b528f1e1d981bba

  • SHA256

    a209c55478f217066ba1babd44459d2b0a4da6ed90aa5928280eaf6ac2f0457b

  • SHA512

    5019550b6c11df7f466531f0564d6f7bfb214a92f0d508bc631e8f0a39b38a4c09611241b87bc74f509e9851c68657363d77d93436b8b2c604d9ed6e6202dc21

  • SSDEEP

    12288:OvnWvqHe7UF6q12BlW7872GOXYtKFlK1CJsIk:UWvUGBlW787+zK1jD

Score
10/10
lummazgratratstealer

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      SecuriteInfo.com.Win32.PWSX-gen.22132.9761

    • Size

      499KB

    • MD5

      764f801b0842d8fe564f01a81cfe4526

    • SHA1

      d3cd929c42f808c1ddfdef4d8b528f1e1d981bba

    • SHA256

      a209c55478f217066ba1babd44459d2b0a4da6ed90aa5928280eaf6ac2f0457b

    • SHA512

      5019550b6c11df7f466531f0564d6f7bfb214a92f0d508bc631e8f0a39b38a4c09611241b87bc74f509e9851c68657363d77d93436b8b2c604d9ed6e6202dc21

    • SSDEEP

      12288:OvnWvqHe7UF6q12BlW7872GOXYtKFlK1CJsIk:UWvUGBlW787+zK1jD

    Score
    10/10
    zgratratlummastealer

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks