Overview

overview

10

Static

static

1

software2_17_6_23.zip

windows7-x64

1

software2_17_6_23.zip

windows10-2004-x64

1

software2_...in.dll

windows7-x64

1

software2_...in.dll

windows10-2004-x64

1

software2_...ua.dll

windows7-x64

1

software2_...ua.dll

windows10-2004-x64

1

software2_...gs.dll

windows7-x64

1

software2_...gs.dll

windows10-2004-x64

1

software2_...UI.dll

windows7-x64

1

software2_...UI.dll

windows10-2004-x64

1

software2_...ex.dll

windows7-x64

1

software2_...ex.dll

windows10-2004-x64

1

software2_...in.dll

windows7-x64

1

software2_...in.dll

windows10-2004-x64

1

software2_...ua.dll

windows7-x64

1

software2_...ua.dll

windows10-2004-x64

1

software2_...ts.dll

windows7-x64

1

software2_...ts.dll

windows10-2004-x64

1

software2_...ts.dll

windows7-x64

1

software2_...ts.dll

windows10-2004-x64

1

software2_...er.exe

windows7-x64

3

software2_...er.exe

windows10-2004-x64

10

software2_...te.xml

windows7-x64

1

software2_...te.xml

windows10-2004-x64

1

software2_...g.html

windows7-x64

1

software2_...g.html

windows10-2004-x64

1

software2_...t.html

windows7-x64

1

software2_...t.html

windows10-2004-x64

1

software2_...te.xml

windows7-x64

1

software2_...te.xml

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    software2_17_6_23.zip

  • Size

    390KB

  • Sample

    240424-bt1f9adf5w

  • MD5

    6b3b168f52d61c4da8dbe11616d9833b

  • SHA1

    e64d85012c9e024a9a233c9625c95a13abe3444b

  • SHA256

    0c0795955730ac1988aa527cd4dc21d9c8ac7ae9d4837b5e63f50e870171ec87

  • SHA512

    f2f23184dc3072316f74e5515f572c5dbaeb2ebfa4dcb53388af53ad8cf1850f034630237c1be9df10ef5defaa928480f02c493ff126d1a2b6ca5dca4543e6c6

  • SSDEEP

    12288:jHgh4EIS8xpSnqqY4PxRfVs1FOxEFwXO1Pgh7jP:jnEIvaqVMxRfV84kAO1qP

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://mazefearcontainujsy.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      software2_17_6_23.zip

    • Size

      390KB

    • MD5

      6b3b168f52d61c4da8dbe11616d9833b

    • SHA1

      e64d85012c9e024a9a233c9625c95a13abe3444b

    • SHA256

      0c0795955730ac1988aa527cd4dc21d9c8ac7ae9d4837b5e63f50e870171ec87

    • SHA512

      f2f23184dc3072316f74e5515f572c5dbaeb2ebfa4dcb53388af53ad8cf1850f034630237c1be9df10ef5defaa928480f02c493ff126d1a2b6ca5dca4543e6c6

    • SSDEEP

      12288:jHgh4EIS8xpSnqqY4PxRfVs1FOxEFwXO1Pgh7jP:jnEIvaqVMxRfV84kAO1qP

    Score
    1/10
    behavioral1behavioral2

    • Target

      software2_17_6_23/bin/authorized/join.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral3behavioral4

    • Target

      software2_17_6_23/bin/lua.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral5behavioral6

    • Target

      software2_17_6_23/bin/settings.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral7behavioral8

    • Target

      software2_17_6_23/dll/UI.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral10behavioral9

    • Target

      software2_17_6_23/dll/UIDex.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral11behavioral12

    • Target

      software2_17_6_23/dll/loadingMain.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral13behavioral14

    • Target

      software2_17_6_23/dll/lua.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral15behavioral16

    • Target

      software2_17_6_23/dll/presets.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral17behavioral18

    • Target

      software2_17_6_23/dll/scripts.dll

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral19behavioral20

    • Target

      software2_17_6_23/loader.exe

    • Size

      460KB

    • MD5

      8a1801714426d29d63eb25aa92f402a9

    • SHA1

      a6861884cbde9e99d23a4ce6bb221a6dddb4ed54

    • SHA256

      1345bdc232ecd7cfb835fe479ad5c172a59c18477bdc130ff0d492be56ce445f

    • SHA512

      0dee009f6074db73d3f5b3edda5b9305ed9134abc867f41f6217b3cb250c8511f9fc03b552adb0f80e8845cb02b829fc87ed6d571fb21abd008535e0bf4df9a4

    • SSDEEP

      6144:QpxFEXF3kSfQJ0SlD9tH/xR0h3uFEmLAuIHbXInETPmDF69pVYx/RKlDa+3VgmwA:gxFi00sr/63uFTkcns93kRMu+qpm

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral21behavioral22

    • Target

      software2_17_6_23/lua/Date.xml

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral23behavioral24

    • Target

      software2_17_6_23/lua/Loading.html

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral25behavioral26

    • Target

      software2_17_6_23/lua/Newtonsoft.html

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral27behavioral28

    • Target

      software2_17_6_23/lua/Site.xml

    • Size

      5B

    • MD5

      ad42f6697b035b7580e4fef93be20b4d

    • SHA1

      32faaecac742100f7753f0c1d0aa0add01b4046b

    • SHA256

      0b8e9e995d8d77f1e4770f0f79665aee6f3f70247b3735422daba73df4c3096f

    • SHA512

      225d05b918519458a8fcc1e6493a4e854c004da76f6250b8f52197f47094f71ee984725c31446a1967f0d55f4dc74793dd44d932f2bdf50d77d4288d663bf1ab

    Score
    1/10
    behavioral29behavioral30

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks