General

  • Target

    BETA Ex3cutor [by ryosx] ByfronBypass.zip

  • Size

    9.5MB

  • Sample

    240522-1979gaba6z

  • MD5

    7aa0295f329b0748434c673d0f04a707

  • SHA1

    12dea3092c00d8e8212f133e1cf47ba30403baf6

  • SHA256

    ed26db0da7361601cfab62429672a35be01ad8579f9ad6ba004442c6942d07ee

  • SHA512

    f867db7abb136a552ab3f161722bdea8203f2039a367b1af9922965eac5caed992b8032666500c15c06bef53f89615565b87abfd799be64a1acbd2423e5f8644

  • SSDEEP

    196608:IY0XaSXkMTB+zyGJtU6z8kAkNPSUJDkoe6/iFeTB1wbRJGH:7EadyAtU6YkAkNReoeDE1wrM

Malware Config

Extracted

  • Family

    lumma

  • C2

    https://employeedscratshj.shop/api
    https://museumtespaceorsp.shop/api
    https://buttockdecarderwiso.shop/api
    https://averageaattractiionsl.shop/api
    https://femininiespywageg.shop/api
    https://employhabragaomlsp.shop/api
    https://stalfbaclcalorieeis.shop/api
    https://civilianurinedtsraov.shop/api
    https://roomabolishsnifftwk.shop/api

Targets

    • Target

      BETA/BETA Executor V3.1.exe

    • Size

      200.0MB

    • MD5

      e8c4b28ff455621e8722b30ce960d53f

    • SHA1

      79feff13fb183a97e0c12690f3df75affa4c9063

    • SHA256

      5d4a1d9250a57c5f889ee37a8262bd850bf7ac50e7bc82588b22d2ea3ac36166

    • SHA512

      8766dc59c0584cf78fa8f1d884d2ae575f39691b6a1641e2bf32aae713e7c365404c7b400842b24167b2d47503fe868b1e88d8c34e3331ea4204beb5c5cd894f

    • SSDEEP

      24576:FzO9QInrUh4tZvrF08jgLCZ3oIaozZ9G6BrgLCWK47m:gnhZv/jg2ZQolNrgL9K4K

    Score: 10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

MITRE ATT&CK Matrix (ATT&CK v13)

Tactic      Technique                       Count   ID
Discovery   Query Registry                  1       T1012
Discovery   System Information Discovery    2       T1082
Discovery   Process Discovery               1       T1057
Discovery   Remote System Discovery         1       T1018

Tasks