General

  • Target

    fcb5695a58313c7c0341bd5a6a0e8bf7_JaffaCakes118

  • Size

    102KB

  • Sample

    240420-n1d8tagf41

  • MD5

    fcb5695a58313c7c0341bd5a6a0e8bf7

  • SHA1

    cc791671160e423aa7845566fdfe0e6c792401f5

  • SHA256

    4c16edebd158f250b0fba02dce4f49fa9126e95139016e65b96642f2323930db

  • SHA512

    64c9bf3ff64b15baed32ee60c53cbbadd69a29176176e7cc94eb932c93a8bdc8062f4d6daca95797dfd4cd8861905700439ed077bff01545f0c1e39dafd1c321

  • SSDEEP

    3072:zDlFYy7UFiiL5/GJCj1GYsyKnuADfzRUlbt3Tzq7h6l:PB7Ur+bYs/uAPe3P/

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/fnstenv_mov

Targets

    • Detect Lumma Stealer payload V4

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks