General

  • Target

    Ex3cutor Launcher.exe

  • Size

    200.0MB

  • Sample

    240520-bq6tvsde2z

  • MD5

    e8c4b28ff455621e8722b30ce960d53f

  • SHA1

    79feff13fb183a97e0c12690f3df75affa4c9063

  • SHA256

    5d4a1d9250a57c5f889ee37a8262bd850bf7ac50e7bc82588b22d2ea3ac36166

  • SHA512

    8766dc59c0584cf78fa8f1d884d2ae575f39691b6a1641e2bf32aae713e7c365404c7b400842b24167b2d47503fe868b1e88d8c34e3331ea4204beb5c5cd894f

  • SSDEEP

    24576:FzO9QInrUh4tZvrF08jgLCZ3oIaozZ9G6BrgLCWK47m:gnhZv/jg2ZQolNrgL9K4K

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      Ex3cutor Launcher.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
