General

  • Target: Toilet Tower Defense dupe v7.rar
  • Size: 4.9MB
  • Sample: 240505-bemxlshe7w
  • MD5: 8375172032ef459f2ea08857cc75a7f9
  • SHA1: 5e8589f5487cac60f33bb51452364fa7fedf279f
  • SHA256: 8efef0938a7ccc82b2e3480ace8f562485d88536ff37cd1c6abc071d89750cda
  • SHA512: 2a6c7564202e0d9e62f5ceabeedde38327a5620291e77fe68987a65a763dbd65ff3e24a373a8cfa193cb77f72309b8a0912e4b33b5d86a71b407ab8d0212851b
  • SSDEEP: 98304:lOnsWn277dAu8ugPU05LM+xIJOPCo5Z++x03RvKFTNh3gVeVIruS3nJ6Gdrw:lOnsWgmu86OLlSOP/5w+jF73grdIq0

Score: 10/10

Malware Config (extracted)

Family: lumma

C2:


Targets

    • Detect ZGRat V1
    • Lumma Stealer: an infostealer written in C++, first seen in August 2022.
    • ZGRat: a remote access trojan written in C#.
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15