General

  • Target

    a26a941ea738ce18cc3a4a8594b71445d870162b74e5217df3d5e8abfdf10c09

  • Size

    5.0MB

  • Sample

    240429-eqk4yaaa51

  • MD5

    0766ddeb61b4cfef867485bb230da163

  • SHA1

    e17992d039a256d84671c75990c969bcb80eaa63

  • SHA256

    a26a941ea738ce18cc3a4a8594b71445d870162b74e5217df3d5e8abfdf10c09

  • SHA512

    cc5d109e2b5a5ca6fec54b6a0db0121a9e38a31128f8e89e89f1ac8fc749f9461afdf5517d19d35608cf7d99ffe33a8ed8818ed6da21cf38af25e3e196eba750

  • SSDEEP

    98304:UrcCBzBOiltFYGcBn85fi6dUaIG983Tf+Tda/4I:UrcCBzBOilrAQ83Aa4I

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://secretionsuitcasenioise.shop/api

https://modestessayevenmilwek.shop/api

https://triangleseasonbenchwj.shop/api

https://culturesketchfinanciall.shop/api

https://sofahuntingslidedine.shop/api

Targets

    • Target

      a26a941ea738ce18cc3a4a8594b71445d870162b74e5217df3d5e8abfdf10c09

    • Size

      5.0MB

    • MD5

      0766ddeb61b4cfef867485bb230da163

    • SHA1

      e17992d039a256d84671c75990c969bcb80eaa63

    • SHA256

      a26a941ea738ce18cc3a4a8594b71445d870162b74e5217df3d5e8abfdf10c09

    • SHA512

      cc5d109e2b5a5ca6fec54b6a0db0121a9e38a31128f8e89e89f1ac8fc749f9461afdf5517d19d35608cf7d99ffe33a8ed8818ed6da21cf38af25e3e196eba750

    • SSDEEP

      98304:UrcCBzBOiltFYGcBn85fi6dUaIG983Tf+Tda/4I:UrcCBzBOilrAQ83Aa4I

    Score
    10/10
    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks