General

  • Target: Adobe Activator.rar
  • Size: 22.7MB
  • Sample: 240519-phancagh29
  • MD5: 5fa6e28b3b413e33d5e0e43b2eb7592e
  • SHA1: c4eaf89326b97587049060f936d40dff4e945c22
  • SHA256: 55d0878b26822889880b1518b566255cf79f39550df86a1c4b450f21efe5d52e
  • SHA512: 0dc9027c07ce1dc33c4d86ae32c94bd5986c0f6810db6d856930cbc405dad8b492cc519535625e01c5c98dcee3cef0e8053fe6764326e8bc2b7c16f46c068a5e
  • SSDEEP: 393216:S2WwCVr5SEYAb8RzDj+v5/PCsXMvYqyS6kx8hqqThHBpD3QR0KeXJJqIrgesQZ3L:M5rlbWTW5/FZqg99hprQI+ILsQZ3L

Score: 10/10

Malware Config

Extracted

Family: lumma

C2: https://ticketgradiencomfj.shop/api

Targets

    • Target: Adobe Activator.rar
    • Size: 22.7MB
    • MD5: 5fa6e28b3b413e33d5e0e43b2eb7592e
    • SHA1: c4eaf89326b97587049060f936d40dff4e945c22
    • SHA256: 55d0878b26822889880b1518b566255cf79f39550df86a1c4b450f21efe5d52e
    • SHA512: 0dc9027c07ce1dc33c4d86ae32c94bd5986c0f6810db6d856930cbc405dad8b492cc519535625e01c5c98dcee3cef0e8053fe6764326e8bc2b7c16f46c068a5e
    • SSDEEP: 393216:S2WwCVr5SEYAb8RzDj+v5/PCsXMvYqyS6kx8hqqThHBpD3QR0KeXJJqIrgesQZ3L:M5rlbWTW5/FZqg99hprQI+ILsQZ3L

    Score: 7/10
    • Executes dropped EXE

    • Target: Adobe Activator/Adobe_Activator.exe
    • Size: 4.0MB
    • MD5: 34606bbff1084f0e853f22a47df80611
    • SHA1: 7cdf43d380412a62ea1a246029d5760187bc7a2e
    • SHA256: d659948043d414a885e3f8de5bd3dcef4a03a972b300f14aca8222b33cb33f31
    • SHA512: 8ca458567d79d58765742a406d7d219c6b9cfaf3325c785b59c78308244104e885ce21a5980936eeeb7fc0c27a8d33bfef9f2f03bfd921252ef687998380d897
    • SSDEEP: 98304:nYCCpMfhnXR2enA6rhqqOBq6izff90R0hYigoKeg52F15h3D03LD:YCCpIhnEenA6iczff9VhYigoKegsp3Do

    Score: 10/10
    • Lumma Stealer
      An infostealer written in C++ first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks