General

  • Target

    S0lara.exe

  • Size

    800.0MB

  • Sample

    240518-wepresfg94

  • MD5

    3d458fcc1399e87724710a1684adb522

  • SHA1

    7ac664ee89a8c641a41f5d3c3cae77e09391025b

  • SHA256

    6310bd6c708d19db5ce039a66a358efd3153fd5e6d37a4ca3004a3962ae2237b

  • SHA512

    958ff845ed602c41b46c5b42211d6e72005e51a2597e7f9611135997016bd137bfbbb221fbf9cc9d1f85da5f3383516531d46de046d7e8565ba6149a8c602ef2

  • SSDEEP

    24576:xXLuApIgCgQybhuTSuitDMbqNPPjffiecZdAkY8sxere1EAPX:l1fCgQEsTSrmbqNXbiwkY3fEAPX

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://employeedscratshj.shop/api
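Added example, not part of the sandbox report: a small IOC matcher built from the indicators above. It hashes a candidate file in a streaming pass (the sample is 800 MB, so it must never be read into memory whole), compares the digests with the report's MD5/SHA1/SHA256/SHA512, and scans proxy log lines for contact with the extracted C2 host while rejecting look-alike domains that merely contain the C2 name as a prefix. The proxy log format, the log lines and the client addresses are constructed for the example; only the hashes and the C2 URL come from the report. ssdeep comparison is left out because it needs the external ssdeep library.

```python
"""IOC matcher for the S0lara.exe (Lumma) sample in this report (added example)."""
import hashlib
import io
from urllib.parse import urlparse

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "3d458fcc1399e87724710a1684adb522",
    "sha1": "7ac664ee89a8c641a41f5d3c3cae77e09391025b",
    "sha256": "6310bd6c708d19db5ce039a66a358efd3153fd5e6d37a4ca3004a3962ae2237b",
    "sha512": "958ff845ed602c41b46c5b42211d6e72005e51a2597e7f9611135997016bd137"
              "bfbbb221fbf9cc9d1f85da5f3383516531d46de046d7e8565ba6149a8c602ef2",
}
C2_URL = "https://employeedscratshj.shop/api"
C2_HOST = urlparse(C2_URL).hostname  # "employeedscratshj.shop"

CHUNK = 1 << 20  # 1 MiB read size; the 800 MB sample must be hashed incrementally.


def hash_stream(fobj):
    """Compute all four report digests of a binary file-like object in one pass."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for chunk in iter(lambda: fobj.read(CHUNK), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    """Convenience wrapper: hash an in-memory byte string through the same streaming path."""
    return hash_stream(io.BytesIO(data))


def hash_file(path):
    """Hash a file on disk without loading it into memory."""
    with open(path, "rb") as fobj:
        return hash_stream(fobj)


def match_hashes(digests):
    """Return the algorithms whose digest equals the report's sample (empty list if none)."""
    return sorted(n for n, d in digests.items() if d == SAMPLE_HASHES.get(n))


def host_matches(hostname):
    """True for the C2 host and its subdomains; False for hosts that only start with it."""
    if not hostname:
        return False
    hostname = hostname.lower().rstrip(".")
    return hostname == C2_HOST or hostname.endswith("." + C2_HOST)


def find_c2_hits(log_text):
    """Scan 'timestamp client method url status' proxy lines; return (client, url) for C2 contacts."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip blank or truncated lines
        _ts, client, _method, url, _status = fields[:5]
        if host_matches(urlparse(url).hostname):
            hits.append((client, url))
    return hits


# Constructed proxy log for the example (format and addresses are assumptions, not from the report).
PROXY_LOG = """\
1716012345.123 10.0.0.17 POST https://employeedscratshj.shop/api 200
1716012346.456 10.0.0.17 GET https://update.example.com/feed.json 200
1716012347.789 10.0.0.23 POST https://employeedscratshj.shop/api 200
1716012348.012 10.0.0.31 GET https://employeedscratshj.shop.cdn.example.net/x 200
1716012349.345 10.0.0.42 POST https://api.employeedscratshj.shop/api 200
"""

if __name__ == "__main__":
    for client, url in find_c2_hits(PROXY_LOG):
        print(f"C2 contact from {client}: {url}")
    print("known-sample match:", match_hashes(hash_bytes(b"not the sample")) or "none")
```

Run it against a real file with hash_file("path/to/S0lara.exe") and feed it your own proxy export; the 10.0.0.31 line shows why the host comparison is done on the parsed hostname rather than with a substring search, which would also flag the unrelated .cdn.example.net domain.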

Targets

    • Target

      S0lara.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks