General

  • Target

    Cutor.exe

  • Size

    150.0MB

  • Sample

    240520-bhn9vach4z

  • MD5

    fc19772f15ec20a93b956318e77df40a

  • SHA1

    b6fc61fbb8a0932c906bfb21c5bb247a54a061ef

  • SHA256

    bada63237016ce4e5bf28c2efa620430b4c0ac859f00f4996a6a4a166e3220f3

  • SHA512

    d8c8a3d7d7fc5cbd368121601fe04f4a4753b917ff379838b086743319a122d6b8a637930e76084cf09828f458372f727d90572eae3eab79dbe6401691d3ae97

  • SSDEEP

    24576:fXEUjHrDOMFGcQQ0UDEM8FZ9IWdmKrL6OgEic8rby2N2mzbtt04H:fbjH/OXdvLZKWdtr3L712N2mzbP04H

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://employeedscratshj.shop/api

Targets

    • Target

      Cutor.exe

    • Size

      150.0MB

    • MD5

      fc19772f15ec20a93b956318e77df40a

    • SHA1

      b6fc61fbb8a0932c906bfb21c5bb247a54a061ef

    • SHA256

      bada63237016ce4e5bf28c2efa620430b4c0ac859f00f4996a6a4a166e3220f3

    • SHA512

      d8c8a3d7d7fc5cbd368121601fe04f4a4753b917ff379838b086743319a122d6b8a637930e76084cf09828f458372f727d90572eae3eab79dbe6401691d3ae97

    • SSDEEP

      24576:fXEUjHrDOMFGcQQ0UDEM8FZ9IWdmKrL6OgEic8rby2N2mzbtt04H:fbjH/OXdvLZKWdtr3L712N2mzbP04H

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks