General

  • Target

    !@Pa$sCode__2234_FulL_Setup.zip

  • Size

    5.2MB

  • Sample

    240526-tvc2fsdc59

  • MD5

    8db326c928a78888f8cbcb3cfd68fce7

  • SHA1

    63fb73acac9e1d8c4898763796dc6dc002c24669

  • SHA256

    7e61a47d9baa7bed44fd8c1b9ce85d57ca3bdc4b27eff9886821157fc3ea09b2

  • SHA512

    06202a6ba6dcbc3a0d2628040366abe0d68e116c60264dfe41d89b968c275d52e677a02fd6ce9dcacbe0b0b90699cb5edc1f8014bbd060f8553255c1a57be67d

  • SSDEEP

    98304:2lwRtTA3z6kFBZeLItGhuEcj3eUJwXAekeczr0EQ4NA/2TKtbWjXFmDGg+:ztTAD6yZ2ItGhuPj3zmco61hmig+

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://declineforntyuekw.shop/api

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://femininiespywageg.shop/api

https://employhabragaomlsp.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api
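The nine URLs above are the most durable network indicator in this report (the binaries change per build, the `/api` C2 path on a fresh `.shop` domain is the Lumma pattern). The following is an added example, not part of the sandbox output: it turns the extracted C2 list into a matcher for DNS and proxy log lines and into Suricata `dns.query` rules. The log lines are constructed for the example and the sid range is an assumption.

```python
"""Match the Lumma C2 domains from the extracted config above against
DNS and proxy log lines, and emit Suricata dns.query rules for them.
Added example; the log lines below are constructed, not from the report."""
import re
from urllib.parse import urlsplit

# The nine C2 URLs exactly as listed in the extracted config.
LUMMA_C2_URLS = [
    "https://declineforntyuekw.shop/api",
    "https://museumtespaceorsp.shop/api",
    "https://buttockdecarderwiso.shop/api",
    "https://averageaattractiionsl.shop/api",
    "https://femininiespywageg.shop/api",
    "https://employhabragaomlsp.shop/api",
    "https://stalfbaclcalorieeis.shop/api",
    "https://civilianurinedtsraov.shop/api",
    "https://roomabolishsnifftwk.shop/api",
]


def c2_hosts(urls):
    """Lower-case hostnames from the config URLs (the path is always /api,
    so the hostname is the part worth matching on)."""
    return {urlsplit(u).hostname.lower() for u in urls}


C2_HOSTS = c2_hosts(LUMMA_C2_URLS)


def host_matches(host, ioc_hosts=C2_HOSTS):
    """True for an exact match or any subdomain of a C2 host.
    Trailing dots (fully qualified names in DNS logs) and case are ignored."""
    h = host.strip(".").lower()
    return any(h == ioc or h.endswith("." + ioc) for ioc in ioc_hosts)


# Host-like tokens: letters, digits, dots, hyphens. Bare IPs and numeric
# timestamps are discarded in hosts_in_line().
TOKEN_RE = re.compile(r"[A-Za-z0-9.-]+")


def hosts_in_line(line):
    """Yield candidate hostnames from a log line regardless of its format
    (BIND query log, Squid access log, a bare URL, ...)."""
    for tok in TOKEN_RE.findall(line):
        tok = tok.strip(".").lower()
        if "." in tok and not tok.replace(".", "").isdigit():
            yield tok


def scan_lines(lines, ioc_hosts=C2_HOSTS):
    """Return [(line_number, matched_host)] with at most one hit per line."""
    hits = []
    for n, line in enumerate(lines, 1):
        for host in hosts_in_line(line):
            if host_matches(host, ioc_hosts):
                hits.append((n, host))
                break
    return hits


def suricata_dns_rules(urls, base_sid=9000001):
    """One 'alert dns' rule per C2 host. The sid range is an assumption;
    pick one that does not collide with your existing rule sets."""
    rules = []
    for i, host in enumerate(sorted(c2_hosts(urls))):
        rules.append(
            'alert dns any any -> any any (msg:"Lumma Stealer C2 domain '
            f'{host}"; dns.query; content:"{host}"; nocase; '
            f'sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed sample lines (not taken from the report): a BIND query-log
# entry, a Squid TLS CONNECT (only host:port is visible), a benign GET,
# and a proxy entry that shows the full /api URL.
SAMPLE_LOGS = [
    "26-May-2024 10:01:02.123 queries: info: client 10.0.0.15#51234 "
    "(museumtespaceorsp.shop): query: museumtespaceorsp.shop. IN A + (10.0.0.53)",
    "1716717662.455    120 10.0.0.15 TCP_TUNNEL/200 4210 CONNECT "
    "declineforntyuekw.shop:443 - HIER_DIRECT/203.0.113.10 -",
    "1716717663.001     80 10.0.0.16 TCP_MISS/200 1320 GET "
    "https://www.example.com/index.html - HIER_DIRECT/93.184.216.34 text/html",
    "1716717665.210    300 10.0.0.15 TCP_MISS/200 5200 POST "
    "https://roomabolishsnifftwk.shop/api - HIER_DIRECT/203.0.113.11 "
    "application/octet-stream",
]

if __name__ == "__main__":
    for n, host in scan_lines(SAMPLE_LOGS):
        print(f"line {n}: Lumma C2 host {host}")
    print("\n".join(suricata_dns_rules(LUMMA_C2_URLS)))
```

Matching on the hostname rather than the full URL is deliberate: over TLS a proxy only sees the CONNECT host, and a DNS resolver never sees the `/api` path at all. Subdomain matching catches the `www.` or random-label variants that resolve to the same infrastructure without widening the match to the whole `.shop` TLD.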

Targets

    • Target

      New Setup File/Setup.exe

    • Size

      1.1MB

    • MD5

      c047ae13fc1e25bc494b17ca10aa179e

    • SHA1

      e293c7815c0eb8fbc44d60a3e9b27bd91b44b522

    • SHA256

      6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf

    • SHA512

      0cfb96d23b043bcb954cc307f85e5bbc349c0c8a0c6eaa335ea9a8fa19ce65b047f30ed0049562d40880400d4f70e3bb28975d6970f3ae4af6da1ba06e36d48c

    • SSDEEP

      12288:a9hZPq27B7+x3dPC4gvgdVwTzDxsVyY4YoUwpf5kpRG6xsfJAYo2R0B5YD5sW91A:STS27B7+x3E4tdS/Dxkd4YoDfZ90gLS

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

      SetThreadContext overwrites the register state, including the instruction pointer, of another thread, normally one created suspended. Outside a debugger this is the usual way a loader redirects a freshly created process into injected code (process hollowing or thread hijacking).

    • Target

      New Setup File/WebView2Loader.dll

    • Size

      157KB

    • MD5

      070809c8cd894cba0720ee6a0a51dcf3

    • SHA1

      11b1ce3a95943edd0d47bb75bd31a5ad9d59aee6

    • SHA256

      21c4858df0339d1bc8e4249f0c03456835665c93eb9faad1289fd82dd5b80309

    • SHA512

      622bfad56e9d2e4bccc99924535017506706f1f8bb25a6ed111b46e583868bba7104afa76b9b6361d99ce05ca3c372c5a86e588d2e66584d394595ba1d484940

    • SSDEEP

      3072:Hr0B+bUXDvPcGE91jkXmxyu1A14mRgw4VXjTIJEtcuVux4WPrbzQr/Vhr:HjgzvPBE9dGvW9mRdEtc+F2Doh

    Score
    1/10
    • Target

      New Setup File/sasquatch.xlsx

    • Size

      1.4MB

    • MD5

      9a729e45ce98559ded4824e806035152

    • SHA1

      0a351653ed9038e33f184b7f34422929c3dc3b54

    • SHA256

      a7c9e90e0c4783b0a3617b40e927517fde7e6f427ac8707ec4b910069c0554e1

    • SHA512

      52c190c4ba7e502964a262a432491db144324b2fde6249be928bf510c07aa4f30b13a36715d6d83bf6454f405a1a5dd299a264f222b8bbdb1069e6920c2fb96a

    • SSDEEP

      24576:TsBtY2iDN++2P626SSOsyMMDVVqX8aXs99AffGWM9xFW2rZQCRVmxDtrd6JAMCb:TsDsDmyOsqDHmc992TM9S2rSKVmsCNb

    Score
    1/10
    • Target

      New Setup File/x64/AzureKeyVaultDgssLib.dll

    • Size

      373KB

    • MD5

      34ae0787cdfcb920753763251dcf83de

    • SHA1

      a41d5d58d21300e8418dbd354f46bba425fa9611

    • SHA256

      3eee708fdcc68fe76ac4cc7adba90201912c63cd815717f91a5eabba1170af0d

    • SHA512

      c8684bf3441fa5fb6a0e38df6bb9f728502e78f55eb9382ff168adab081440c37277497804fb1246a13e1f625aaa1858e39f62780c5c426edf3d825f9a739bc7

    • SSDEEP

      6144:UbJLUIAs2A/QRth5FMjvgQKMBTaJq+jqBTSMNGx6:UbJciQRth5FMjvg9MEJMFpGI

    Score
    1/10
    • Target

      New Setup File/x64/BugReporter

    • Size

      521KB

    • MD5

      29d33ee7f3fa0ee7f52ae96732c90f48

    • SHA1

      a781620a7bcff615d4dc64751b30287814200d13

    • SHA256

      b8b06487ee2c2f2a4ae25d1e7a08a9ce831539a529fe2ed0e8841e5f7c42de90

    • SHA512

      7b0076d73dc6ed561b8294ed7687f5d0d285b080b2f12bc49623690e32ccd6a2161232860f906aa151f04950587befae49793130f5f6e2ff13453a401862d856

    • SSDEEP

      12288:pFU4ZwXnyWu9wHXspsSlxuw2xyJGS3mrxWI7n3OqiHThrmotbY7rSrZWZlJmwJIH:pyellxAxyJGS3mrxWI7n3OqiHThrmotD

    Score
    1/10
    • Target

      New Setup File/x64/ComExtractor

    • Size

      618KB

    • MD5

      36848dd965ff265d696fff4f2d51935e

    • SHA1

      68c6390741c490adf2802c84e06a3b90a3c308ea

    • SHA256

      d66ee1d1e44feb03d7821062ce27e92da0fa78f7e47a451b7b1d4b94860dd309

    • SHA512

      6c3e9cdce928a78b9ea997954043ff82b2767a29b519116884e616b8aaa48668ccd051ed4607830bd7b59e32671e563939d180e576ae91752f854081b84b35af

    • SSDEEP

      12288:pRP0qhnnyfYZtOUdSK+jgsVGmzyg4J5EA:fP0DgsVzyJ5EA

    Score
    1/10
    • Target

      New Setup File/x64/HDHelper_[0MB]_[1].exe

    • Size

      566KB

    • MD5

      8a179892518a2c4e8a63afa91de7bdce

    • SHA1

      e9b095c966ccc4c4900b4cf741c067d2a0f43cd4

    • SHA256

      72ece91f65a461c5023695bf5f31b5b6b5bd629dba8407524e8144f6d1e160e8

    • SHA512

      91abb220c222a89a2df27818b8385b4015128a35b7d4c43d0f497717a4e5a55dfb9dc1da3f47a49a2400ea8300d41d52277331a6c7c3437ac5cb867a4027b220

    • SSDEEP

      12288:voJoMf8uSKkd/kAseRy/M96oQD08WjWYatid4TwzSxK/G8kHcL:CEKkd/wXMwoQJW6Ya5TwzUKeH8L

    Score
    1/10
    • Target

      New Setup File/x64/Microsoft.Toolkit.Win32.UI.XamlHost.dll

    • Size

      108KB

    • MD5

      1f4379d416af34033857bb439057cee0

    • SHA1

      a779714e9fe715aad9db2218a4b761ab77e873b9

    • SHA256

      98a87914e37600c7f97a27ca603a6b994dd51ffd390ce5b34e073939d258c2f4

    • SHA512

      cdaa3d8727e287eeaddfd58e04f292bd8daf7671a2942f99a023f31037cc8b76dce5c0566d6c0664b24403930bdd9396b27af208c313a28010e7eb9f850ba881

    • SSDEEP

      1536:WPiq7mAYLZ/kEglj55rEzGJT45rhh9esSTrXjnwVijXXyNGF1ZvLzmFiXxnBjYh2:6sxkEDGJk5rYk9Y

    Score
    1/10
    • Target

      New Setup File/x64/NvStereoUtilityOGL_[1MB]_[1].exe

    • Size

      1.1MB

    • MD5

      017cd77d01314e72a973ff0c7882453d

    • SHA1

      288238159cf18418149f5cd3475a6ebb9f45a631

    • SHA256

      c2c71318a17f7f767e5d203d22b48f27eecae46a4f37082d7b413c51da6183b3

    • SHA512

      b1d4c87e7d8585c16aa50499398c9a04d90bcd32ab36fbf7a357bc15abce0cd802a259cc7431de9fe2ca77aa68298aab5041157308be4601f7f7aa0c3c180b03

    • SSDEEP

      24576:zCVnoQHgdFnJhVaqajA4+ubDaSKYqSpamUbSBe:zgnoFFnJjaqajA4+yaSK5SpamUbSBe

    Score
    3/10
    • Target

      New Setup File/x64/VSLauncher_[0MB]_[1].exe

    • Size

      281KB

    • MD5

      7a7bb3b0e57e4fb32c57b74e78e657ad

    • SHA1

      f1dee943b1b6238b1466d83325c4099d189cd4b5

    • SHA256

      87048cff2227d2901314760618d23917cfbc5cc15fc22dc355e803c5ee5fb211

    • SHA512

      ef0c9985b640189ed9991b301cfbf9771df961e1bf67bf68c5833667db53977c9745bcfb42e059d8bb5bcd7a88253a715d86f65612dccc33514ccda3baaf24c2

    • SSDEEP

      3072:Dawahjy56hh65Ndqp9ikqtPLy0gJmU/3j41IGvQC2mCILuCW+VoNDRUiuDhJoueT:dLlavj41nDlDOO9uunwiLWyIE2n

    Score
    1/10
    • Target

      New Setup File/x64/WinUiBootstrapper.dll

    • Size

      896KB

    • MD5

      290538fceae682f2cfc3580e01fa7d28

    • SHA1

      12df9dc416d48f90a5ee5648abd1479dcc5dc327

    • SHA256

      c0cfd5ecd4fa7c78eee91c4a2e7963e805513a88ad376772108b9b0c54bb8551

    • SHA512

      089986cfe48fbdc889322796d5b5721b0c5065cfde72516e3fb35024bbe5c3ed098c6b7dc0c459af732f96bc2f67c95435f6d9cbcd8941ac18b83ee54b27321b

    • SSDEEP

      24576:MpiGSL76HSy+SqfyJFE0yD3VDPItrsRmPrAF6dGUO9T:Mpj2GHSy+SqfyJFE0yD3VDPIhsAPrA4Q

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-console-l1-1-0.dll

    • Size

      21KB

    • MD5

      0909e61c8c9c717976828f65c987e5f9

    • SHA1

      b5affabb8afda55ebb1f404edab69c6c239affe6

    • SHA256

      03ffdb036329a25beacf905d62611a13e3dfdda6cbd2d13af830258e8cf40ec0

    • SHA512

      7f78746e40da64631c08d0e173fbdeb40beed180932b42382d9f3ac0cdb4348d2a5b1c29770bb98f5d4823cfd66ecac2285afbcaf109f82c8b75c7711f10c49d

    • SSDEEP

      192:+OAWAhWeW4pICSjRof0cVWQ4GW/gYbOEU+9YX01k9z3AWB2c:+jWAhW82xlcdUOQGR9zBB2c

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-console-l1-2-0.dll

    • Size

      21KB

    • MD5

      6b33e6f1d77cec0901ea8e91473bc18b

    • SHA1

      a397d2c6aead0b3e57d413a8d4af7f28e67f4166

    • SHA256

      449631a3f5fadef72acc2c2f84765208d0ca014ec1fe93fb9ad805eec1d40eae

    • SHA512

      8f5214e38202719f6a7549b2b97ad24288974cfb6cf0da1e9eec5b3b2092220f2330a260b17e28afa90b90226666a765a4e64fe91107e2063cde8e285f64773b

    • SSDEEP

      192:p9qWAhWGW4pICSjRof0cVWQ4iWnYU7h+Il+jX01k9z3Az3TzRL:mWAhWk2xlcQtEjR9z83/RL

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-datetime-l1-1-0.dll

    • Size

      21KB

    • MD5

      2b4a3a51e075ab9819c6d6bc40efb4b5

    • SHA1

      bc52c10ded8b087c73229dc2f98714b5a368f521

    • SHA256

      d718e1b6c352112c2f8e36b4ba5ed28e6179257fd2fe944c4a0d404b5c15b5ae

    • SHA512

      13b07dc2247d51dad1ab9bc7df93e0d3e1bd6cc4fd16f9aff87ceffd40a56933d569a5fb82177dea7b6ea04ebf9f909f95451d123126155a13de6a85f747c592

    • SSDEEP

      192:JWAhWSWCYtvnVWQ4WWd/q+KKnAX01k9z3Adaoy:JWAhWtCqTKAR9zsao

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-debug-l1-1-0.dll

    • Size

      21KB

    • MD5

      607703b245d9b4fc69a8b5363ff626fa

    • SHA1

      dcf4626787ea220b19e08cc5bf9e55553a3a2aef

    • SHA256

      f65b1b3ea2767f98f0c29118e85b06f4e61654bec34b60b3abb593b24ec29af4

    • SHA512

      92d761f733f2c678946894ca72459b0e6dc62cd3abe1073653104689ab48c19603e6e1109c07b2f110822b424430f22d112f87c629b99d0b3ccc16e179549628

    • SSDEEP

      192:YWAhW+W4pICSjRof0cVWQ4GWk2QYIN5vCX01k9z3AiRDZXobo:YWAhWc2xlcSbUJCR9zdRFX1

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-errorhandling-l1-1-0.dll

    • Size

      21KB

    • MD5

      059129bae1776f03c59d3ba66a6f6dee

    • SHA1

      33b1dbcaba1d16eaf5413f1378119cecc1298724

    • SHA256

      a83af0f79abb5e5c818c6f38a38da80e531081f3255cb006ed4c29635cc0b9ce

    • SHA512

      6a7da7e58620bc1ce4b6d3cab1e0b746fc9fcf05a84d85931f845412301880786fbc63b31611d9442b5a1cfa72558966375ef14edc749473e2b7c988dd20b675

    • SSDEEP

      384:9f7xeiIFRWAhWWlReaLMB+6R9zqoHLdg5CG6:EFVros29zlacj

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-fibers-l1-1-0.dll

    • Size

      21KB

    • MD5

      9fa3992f5dac5ea5dfa15b9669c68154

    • SHA1

      a453fb6c4064da8c01ad03a4ea3c0434efe82635

    • SHA256

      9057131f628e547c14754d545140ad6544e64606358104da50841e9a1b03f442

    • SHA512

      ad73f3952dda55cfaa6a0d6a0233df785650f5965caa4859b6c1577e3fbd6020e60b4b26338387690cc48b16a186d2b530708a71d2671ab17ee8904399de292f

    • SSDEEP

      192:nWAhWqW4pICSjRof0cVWQ4GWGjwUBuvdOEU+9YX01k9z3AWW9q7fUV:nWAhWg2xlc7BulOQGR9zBaqjE

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-file-l1-1-0.dll

    • Size

      25KB

    • MD5

      817f9a76b7eadc1226b006ccbdd38a11

    • SHA1

      8b81897cdd4d48befa389c1df2d0b887ffeb58cb

    • SHA256

      99ed148ffbb35829480412dc64da6ad24dfabe2f9a0eff9ba1493455d7127677

    • SHA512

      53d8b2561862c6b2465665d761612aaa8b7adc887058260fbf970aac0fb006317283ada01468b1e042fd9dd44def90451793afee297ed787086645cebce45cd2

    • SSDEEP

      192:1NtaNYPvVX8rFTsfWAhWBW4pICSjRof0cVWQ4aWJLk4xOEU+9YX01k9z3AWBwCy:rPvVXBWAhWn2xlckOQGR9zBBwb

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-file-l1-2-0.dll

    • Size

      21KB

    • MD5

      e334f2fe1e0e6d5d6966f139ed328d97

    • SHA1

      68b2cd826f3dfa59531397ebb3f382dec9af5fe5

    • SHA256

      d56eae93c55abdc8eb77d132777049634e28a9b59fd4b2101d51351546b984d1

    • SHA512

      fb6ee02f06447c906a4353d93ce247e14a9a1ea4255819a88e395afe2e3775fe3aeb622b7a97d86086d88c739ba4d2e2fba9e8fd6467e167fc75d595c9182327

    • SSDEEP

      192:hsIkWAhWW7WCYtvnVWQ4OW0mOOt5equ/X01k9z3AFpYlQ:h9kWAhWWCK56/R9zgWy

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-file-l2-1-0.dll

    • Size

      21KB

    • MD5

      7f0ef1cf592d04b082b65f75584652cd

    • SHA1

      f7b9a2851a66a6a8eb509f2541b6ccc3b551f2fa

    • SHA256

      9f496e181b1c862c7a7d03c09d9b0a5361535c98acbb1a9d50a27bcfb0a2bcc5

    • SHA512

      30d2d695773e7bfd67de8691c40e571b3b91858e72eab3d78c84902b359108e9988247bf81689ab15fef6ed0a9ef62031f1937c6e7ce4ce8e1a34970ba23e727

    • SSDEEP

      192:iCuWAhWGkW4pICSjRof0cVWQ4iWwLuCFaqDu0K9X01k9z3ATd83:zuWAhW/2xlcuCFYj9R9zsdM

    Score
    1/10
    • Target

      New Setup File/x64/api-ms-win-core-handle-l1-1-0.dll

    • Size

      21KB

    • MD5

      1902b85a588178857e9637902e5a1b85

    • SHA1

      31ae4cf76a34ccbd92fdbe60bee080998741ef4d

    • SHA256

      5e48c99dd6318b017686bde507cdcb9d6ecf25f4f78f345845b865e443f1ee66

    • SHA512

      0755e9c0adc9e374060c851d4f7fa62633ec07dde0bbfd56ffc9bc8ecff5b9efd6fa8418c43e838770eed43a54a48fd61a41226d9ea84834275a4a36c7796472

    • SSDEEP

      192:jPWAhWWMhWCYtvnVWQ4OW8vpgVt5equ/X01k9z3AFpT46cuwY:jPWAhWWMAXp456/R9zg5Tcu

    Score
    1/10
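Before reusing any of the per-file verdicts above, confirm that a locally obtained copy is byte-for-byte the sample this report analysed. The following is an added example, not part of the sandbox output: the manifest values are copied from the report, the local directory layout is an assumption, and only the two 10/10 artefacts are listed (extend the dict with the other entries above as needed). Note that the archive name contains `!`, `@` and `$`, so single-quote it on a shell command line.

```python
"""Verify a local copy of the archive and its dropped Setup.exe against
the digests in this report. Added example; the manifest is copied from
the report, the local paths are an assumption."""
import hashlib
from pathlib import Path

# Expected digests for the two 10/10 artefacts, copied from the report.
MANIFEST = {
    "!@Pa$sCode__2234_FulL_Setup.zip": {
        "md5": "8db326c928a78888f8cbcb3cfd68fce7",
        "sha1": "63fb73acac9e1d8c4898763796dc6dc002c24669",
        "sha256": "7e61a47d9baa7bed44fd8c1b9ce85d57ca3bdc4b27eff9886821157fc3ea09b2",
    },
    "New Setup File/Setup.exe": {
        "md5": "c047ae13fc1e25bc494b17ca10aa179e",
        "sha1": "e293c7815c0eb8fbc44d60a3e9b27bd91b44b522",
        "sha256": "6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf",
    },
}

ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data):
    """All four digests of an in-memory blob, hex encoded."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def hash_file(path, chunk=1 << 20):
    """Stream the file through all hashers at once so large samples do not
    have to fit in memory and are read only once."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {a: h.hexdigest() for a, h in hashers.items()}


def compare(actual, expected):
    """Return {algo: (expected, actual)} for every digest that disagrees.
    An empty dict means the bytes are the ones the report analysed."""
    return {
        a: (expected[a], actual.get(a))
        for a in expected
        if actual.get(a) != expected[a].lower()
    }


def verify_tree(root, manifest=MANIFEST):
    """Check every manifest entry below root (assumed layout: the zip and
    its extracted 'New Setup File' directory side by side)."""
    root = Path(root)
    report = {}
    for rel, expected in manifest.items():
        p = root / rel
        if not p.is_file():
            report[rel] = {"missing": (None, None)}
            continue
        report[rel] = compare(hash_file(p), expected)
    return report


if __name__ == "__main__":
    import sys
    for rel, problems in verify_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{'OK ' if not problems else 'BAD'} {rel} {problems or ''}")
```

A mismatch on SHA256 but not on MD5 (or vice versa) is not something you should ever see for a genuine copy; if it happens, distrust the source of the file rather than the report. A missing `Setup.exe` simply means the archive has not been extracted into the assumed layout.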
