General

  • Target: possible redline.zip

  • Size: 386KB

  • Sample: 240525-rrnbxaff61

  • MD5: 5f215a7f340a2c6b856e21eafab476f1

  • SHA1: 62fde916f5fe094ec6ce73874777044f0754e565

  • SHA256: bc418a8ea27e4c19309b032113165f2f7d29b0922e14fba9a4eba689fe32bb24

  • SHA512: 1a1a3e32e3d72c9fc3cb779e55597dca33553049ae13a42c3a883dcc1e9587f6e07416bb5f1f2d68f9feec96f63a3cb681221caee08d68ca1830a24ddf25ab81

  • SSDEEP: 6144:qg3BKG9XCXatq2c/X+UubfwL/dVpbai5G8QnmtGBdFFOMgdHyCwqkoc4oSrSy/Tv:p34qLc/XBVZ+eM2SCUaomh/QO

Score: 10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target: Setup.exe

    • Size: 457KB

    • MD5: ee80b9f0a83d2da66013b0bb69964171

    • SHA1: 047e1549b4e9c8a3de441297bdc2656b1430a64c

    • SHA256: bbd4ebadb6cf95a4eca65d3c77a250c88d54c31ce76ae11b7fa3fb13d1c4588a

    • SHA512: 7eaeb5c1c2efc57f42ef1da91ac836fdf2316cd2cd32626a8b7178b4e1cca81ef6f38e8775260f836f1c06033fbc3b29688886574aa7e9035f96d2bb8e295008

    • SSDEEP: 6144:P0KBmV04bcIGQ43L6kHUuXfwL//Vpbaq5G8QVmtGBdFzOMgdHyCwykoc4oSrSy5B:MKBmV00f7Vf6QM2SCCaomh5QIde

    Score: 10/10

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks