General

  • Target

    9e203e42aad4a23d95bddec9509f4d72.exe

  • Size

    470KB

  • Sample

    240314-smaqpafc8z

  • MD5

    9e203e42aad4a23d95bddec9509f4d72

  • SHA1

    14726a881fc956c8d3450c580da6c9b921c38bd6

  • SHA256

    9dcd2325222229aee939e07986dfd5eac660a3ad129979597707569af979ffea

  • SHA512

    a1add22c1fd88653a1ecfc78d708e425f9dd7e1be4b286c5d2a69994c6f46d45e16b4ceb95fd6524cfcf72742145b2588b0f90344339827d2e4e83135d7e700a

  • SSDEEP

    6144:yuwf0+RecrdM5x4z+TLonB3MRQ0+sCOMysnHLs7kSRqebpXbq4Hy6m51py:nUyLCBckT8sHLsBqebpJH5mc

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://scrapedirtyieoqk.shop/api

https://associationokeo.shop/api

Targets

    • Target

      9e203e42aad4a23d95bddec9509f4d72.exe

    • Size

      470KB

    • MD5

      9e203e42aad4a23d95bddec9509f4d72

    • SHA1

      14726a881fc956c8d3450c580da6c9b921c38bd6

    • SHA256

      9dcd2325222229aee939e07986dfd5eac660a3ad129979597707569af979ffea

    • SHA512

      a1add22c1fd88653a1ecfc78d708e425f9dd7e1be4b286c5d2a69994c6f46d45e16b4ceb95fd6524cfcf72742145b2588b0f90344339827d2e4e83135d7e700a

    • SSDEEP

      6144:yuwf0+RecrdM5x4z+TLonB3MRQ0+sCOMysnHLs7kSRqebpXbq4Hy6m51py:nUyLCBckT8sHLsBqebpJH5mc

    Score
    10/10

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks
