General

  • Target

    2bd6df3a98337e2b75e9fdb9815538c84eff19ea760374a47db979b828918fc2.exe

  • Size

    4.7MB

  • Sample

    240408-bke4yscc89

  • MD5

    6aed3301263d22d1f1c8a7d152862ffc

  • SHA1

    9d8f5ba8e6d580ca341337a27fa0f23a4948d249

  • SHA256

    2bd6df3a98337e2b75e9fdb9815538c84eff19ea760374a47db979b828918fc2

  • SHA512

    81a910f47c664214e44156d278537f0b5c2ed0a081c2dcee51c8f2d8a3c18f60bad6499d81645ee51506f6cc9c0fa26adcbf88582e73580ed2c7a1279b73f14d

  • SSDEEP

    98304:VNYdBwyMWieDN4+F/8njOyiiqTrAGlucx:X/EwnjOy5q9luc

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Detects executables packed with Babel

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks