General

  • Target

    crypted.exe

  • Size

    519KB

  • Sample

    240526-174s9sfa38

  • MD5

    1b1c7e6e96667a6a758b22d444de57a7

  • SHA1

    3eafd122d0814ee5aeb35a9bce975805a8cf6744

  • SHA256

    e03518acef8a2fecee311fac04e11943e8b219815f02224a4ae30d5ecccf0f90

  • SHA512

    2ed665526ec20b8c3d8a6854e25bcf44755e4bfd8f34b3770c3694e4b9cd8b2ad85d130830cb298aa18521f30038ef47e5d93225a5eb14039670f5ef626f91f7

  • SSDEEP

    12288:ar9mi27cWO4AEcI9cCHEAJtv9QXmuP16k:6mfemcCflO1

Score: 10/10

Malware Config

Extracted

Family

lumma

C2

https://employhabragaomlsp.shop/api

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://femininiespywageg.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api

Targets

    Score: 10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext
