General

  • Target

    NeverLose.zip

  • Size

    619KB

  • Sample

    240524-lrj2lada45

  • MD5

    c9d95e20a75db79ec89f817de03d4684

  • SHA1

    8a16dee137cc994a7a8e607889a7adece8d97965

  • SHA256

    ea439153b48afc4eebee25faa7ce28562246530a7c80905362e3f614410297b5

  • SHA512

    22bd0bcf51fe04d751e5091b697eac57ea69a9353cd47c080f9506ebb2dbd29b9d1f57015d3bfbfc64cb75b13f7f53f9d8351c2e0c1d1ec0e351fcf8cff26729

  • SSDEEP

    12288:8LdnM0YYXoeQ0ubFWwLGP1LArVbQobmyyFL3vS42NHVTuNTypY3:ImS4eQ3b+9LiQo6d3b23I

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      NeverLose.zip

    Score
    1/10
    • Target

      Neverlose.cc/Guide READ ME!!!!.txt

    • Size

      725B

    • MD5

      ed935b63cf35d3169480bdc4bcc5d0a9

    • SHA1

      9a89f642a8a5251cf591be9dca7d308b554b8d4a

    • SHA256

      adbc26c193fba2cbd6926fcf7005e15df8e25713262b2a0e83eea6200b4939f5

    • SHA512

      9a24f6baae67e2c2543cb4beb4fb281a210d04c8a706d7b964f3bb57e232ce56df0f03561c8af97075f301ec1a42f38df821b181673a71ae5c72297400d62310

    Score
    1/10
    • Target

      Neverlose.cc/NeverLose.exe

    • Size

      1.2MB

    • MD5

      bb5a7414d8e9eed4ae56984ea9e5d326

    • SHA1

      44b72cdccdf5c4a685ba6f13baa1ed8999286cd4

    • SHA256

      0b5aaa2bbba71e9c37da4e3819a6a878955e0acc8bc199b247a586283e13b9f2

    • SHA512

      010b10795950d939e446244828fb56e1bd0cc4dc714733cfcdf1b09a946dacf75708ae9456ced2d6e3eb5e7bf3b062afdd738a7abbcfe2b49212bb1eee199ad1

    • SSDEEP

      24576:WDmJmqp/bF9xRL+Ab3zYaiYpUjNRgVztW:WKXF9xRL+Au5NmZ

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      Neverlose.cc/cfg/Legit.cfg

    • Size

      1.2MB

    • MD5

      a3d382d5772e74b3ac1e462a031726bf

    • SHA1

      150fbb13b5d02778a9b1398cc6930241e0d47d8e

    • SHA256

      c7f7deda40d02d97050f1d8eeabeb8f4a6bbb0ac2a8641f70f47b10780b2595c

    • SHA512

      911204bcb99bbab4c14e02ad507d9799a643633842b7db70f629547bab72dd85108c3045aa8307efc4a0bb509710536d6f8ef4137df1f9250dbf6623d2323b89

    • SSDEEP

      24:/bbbbbbbbbbbbbbbbbbbbbbe8Xbbbbbbb8Xbbbbbbbbb8XobbbbbbgX8XbUbbbbT:h

    Score
    3/10
    • Target

      Neverlose.cc/cfg/Rage.cfg

    • Size

      1.1MB

    • MD5

      c70b6abc677252c7a783e9eb18692f79

    • SHA1

      bf6dba2ad311f0691be7977fc736978ec79e8334

    • SHA256

      bd723f290961acba9bb926e82574b0c2425fe35cdbb14e5116b8403714ea5b6e

    • SHA512

      25327ebcb5f2aba1f9ce2583588bd72950525436d0f34b32c1cc69d207c505ba22bf95b28e3cf2ca0bbd41fd8beee93f4372cd4f1f37ce243ffe8d1dd853380e

    • SSDEEP

      48:LYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYT:P

    Score
    3/10
    • Target

      Neverlose.cc/dll/Load.dll

    • Size

      1.2MB

    • MD5

      d419ed219a91886531de9606899d3472

    • SHA1

      58e0d349c21fc7747d4b60248ae1a284b58eb80e

    • SHA256

      238545d28441056e04a70dea2cb50e58f60ba974a69853406a57ca3f8c904561

    • SHA512

      a4174a050987a2500c95dd7644a2e1e64f20acf276fae49365f779055ecd5a325881308eb700b2da4169c1a6dbecad6715a43affbf4066b21978104d3a1d18dc

    • SSDEEP

      24:/bbbbbbbbbbbbbbbbbbbbbbe8Xbbbbbbb8Xbbbbbbbbb8XobbbbbbgX8XbUbbbbF:X

    Score
    1/10
    • Target

      Neverlose.cc/languages/Ru.rtf

    • Size

      7B

    • MD5

      8274425de767b30b2fff1124ab54abb5

    • SHA1

      2201589aa3ed709b3665e4ff979e10c6ad5137fc

    • SHA256

      0d6afb7e939f0936f40afdc759b5a354ea5427ec250a47e7b904ab1ea800a01d

    • SHA512

      16f1647b22ca8679352e232c7dcbcdcba224c9b045c70e572bf061b2996f251cbd65a152557409f17be9417b23460adebe5de08d2dea30d13a64e22f6607206b

    Score
    4/10
