General

  • Target

    1.exe

  • Size

    725KB

  • Sample

    240515-shq7waeh31

  • MD5

    a52ce5b525413f39401a3416dd8e2de2

  • SHA1

    148e4b6b2b2904d736fc9442ff1f6309edc40023

  • SHA256

    94c8fb631f919bd52d1d4341311325510d33aee6e976a75c940a38d88a4b7757

  • SHA512

    52616053550e5f26a62d1260a850e8bfbf10e9484ba776b2b808040021e0d944b23e77e64273bd7485eb9662fe057ea41a369a873e7b2f0e90b62daf1b5ac88b

  • SSDEEP

    12288:O+O4diU6/GC4sVniwgco34nYN/MghT4rxj+TTM45P0coq/ZrUGv1L:O+seunM4Y9feBB9q+G

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      1.exe

    • Detect ZGRat V1

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks