Resubmissions

13/03/2024, 13:51

240313-q5587sec8s 10

13/03/2024, 13:46

240313-q293zsga26 1

General

  • Target

    https://app.mediafire.com/uzg9rt06apy3o

  • Sample

    240313-q5587sec8s

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://wisemassiveharmonious.shop/api

https://colorfulequalugliess.shop/api

https://relevantvoicelesskw.shop/api

https://associationokeo.shop/api

Targets

    • Target

      https://app.mediafire.com/uzg9rt06apy3o

    Score
    10/10
    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
