lumma | d160705c870ec3a76eb6626440d20a0101b972149561c6f27ef5e7f0958ce1a3 | Triage

Submit
Reports

Overview

overview

Static

static

13ba54cd51...56.exe

windows7-x64

13ba54cd51...56.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

13ba54cd51054b82cc24cb5dfbdc1256
Size

3.9MB
Sample

240311-h4v3vafb9s
MD5

13ba54cd51054b82cc24cb5dfbdc1256
SHA1

94ef4fad3c22b764fd6dc5a90490ca07aec25401
SHA256

d160705c870ec3a76eb6626440d20a0101b972149561c6f27ef5e7f0958ce1a3
SHA512

703141ed1a5999806810cc224c907dfef4f9570226205ba68b34d2d2334b3618bafa2a5bcb1cea012d77f2d222a23cb920c11cfc59a71e118f81fddfa5af3c8f
SSDEEP

98304:iuSkCqdCgvipkZezOcuNLxZOVogKAEYOe/t9nQsc4KxqzEqw:i1dqdWdzVMxonAYOeDnpc46Nt

Score

10^/10

lumma zgrat rat stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

13ba54cd51054b82cc24cb5dfbdc1256.exe

Resource

win7-20240215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

13ba54cd51054b82cc24cb5dfbdc1256.exe

Resource

win10v2004-20240226-en

lumma zgrat rat stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://associationokeo.shop/api

Targets

- Target
  
  13ba54cd51054b82cc24cb5dfbdc1256
- Size
  
  3.9MB
- MD5
  
  13ba54cd51054b82cc24cb5dfbdc1256
- SHA1
  
  94ef4fad3c22b764fd6dc5a90490ca07aec25401
- SHA256
  
  d160705c870ec3a76eb6626440d20a0101b972149561c6f27ef5e7f0958ce1a3
- SHA512
  
  703141ed1a5999806810cc224c907dfef4f9570226205ba68b34d2d2334b3618bafa2a5bcb1cea012d77f2d222a23cb920c11cfc59a71e118f81fddfa5af3c8f
- SSDEEP
  
  98304:iuSkCqdCgvipkZezOcuNLxZOVogKAEYOe/t9nQsc4KxqzEqw:i1dqdWdzVMxonAYOeDnpc46Nt
Score

10^/10

zgrat rat lumma stealer
- Detect ZGRat V1
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

lummazgratratstealer

© 2018-2025

Terms | Privacy