General

  • Target

    Git_softwares_v1_7_9.7z

  • Size

    30.9MB

  • Sample

    240528-shffdaah84

  • MD5

    d3970e8b89ba33f0b6900b851e34f2e4

  • SHA1

    e7103436ef7ed5bc940000bf4ab5d1a5c52858bb

  • SHA256

    c3c31f8dfe07919f97abfbd20802ead07c817d4a6d48ba6305444ee36e1da04a

  • SHA512

    43706db19239d202ced03c5a8a352bd9fd231871a827f525a35f8b21cf35378071e62639608e2603e7817690d5c28fba6fe787cb987355d9f427b53c292a18e8

  • SSDEEP

    786432:YQdQLGEWtApqdZVh1vSUjXWC1ahGgNfNBML93EVC5o/r:YQiyh1vTjXWNlNBML9KwY

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://catlackjellyodwps.shop/api

https://horsedwollfedrwos.shop/api

https://patternapplauderw.shop/api

https://understanndtytonyguw.shop/api

https://considerrycurrentyws.shop/api

https://messtimetabledkolvk.shop/api

https://detailbaconroollyws.shop/api

https://deprivedrinkyfaiir.shop/api

https://relaxtionflouwerwi.shop/api
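The nine C2 URLs above are the extracted configuration, so they can be turned into hunting artifacts directly. The script below is an added example and is not part of the sandbox report or the Lumma sample: it normalises the reported URLs to hostnames, checks them against constructed Squid proxy log lines (made up for this example, not from any real environment), and emits Suricata DNS rules with SIDs in the local 9000000+ range (an assumed numbering). Because the C2 is contacted over HTTPS, a proxy only ever sees the hostname in the CONNECT request, never the `/api` path, so the matching keys on the host and on the host only.

```python
"""Turn the C2 list extracted from the Lumma sample into hunting artifacts.

Added example, not part of the sandbox report. Log lines and SIDs are constructed.
"""
from urllib.parse import urlparse

# The nine C2 URLs exactly as listed in the extracted config above.
LUMMA_C2 = [
    "https://catlackjellyodwps.shop/api",
    "https://horsedwollfedrwos.shop/api",
    "https://patternapplauderw.shop/api",
    "https://understanndtytonyguw.shop/api",
    "https://considerrycurrentyws.shop/api",
    "https://messtimetabledkolvk.shop/api",
    "https://detailbaconroollyws.shop/api",
    "https://deprivedrinkyfaiir.shop/api",
    "https://relaxtionflouwerwi.shop/api",
]

# Constructed Squid access.log lines (not from any real environment).
# A TLS client only reveals the host in the CONNECT line, so the "/api" path
# is never visible to the proxy; matching has to key on the hostname.
# Line 4 mixes case, line 5 is a lookalike that must NOT match.
SAMPLE_LOG = [
    "1716890001.117    212 10.0.0.21 TCP_TUNNEL/200 5123 CONNECT login.microsoftonline.com:443 - HIER_DIRECT/20.190.160.1 -",
    "1716890002.504     98 10.0.0.21 TCP_TUNNEL/200 3412 CONNECT catlackjellyodwps.shop:443 - HIER_DIRECT/104.21.0.1 -",
    "1716890003.221     41 10.0.0.44 TCP_MISS/200 1744 GET http://example.com/index.html - HIER_DIRECT/93.184.216.34 text/html",
    "1716890004.880    105 10.0.0.21 TCP_TUNNEL/200 3390 CONNECT RELAXTIONFLOUWERWI.SHOP:443 - HIER_DIRECT/104.21.0.2 -",
    "1716890005.003     77 10.0.0.9 TCP_MISS/404 512 GET http://catlackjellyodwps.shop.evil-lookalike.example/api - HIER_DIRECT/198.51.100.7 text/html",
]


def c2_hosts(urls):
    """Lower-cased, de-duplicated hostnames from the C2 URL list."""
    return sorted({urlparse(u).hostname.lower() for u in urls})


def host_from_request(field):
    """Hostname from the Squid request field: 'host:port' for CONNECT, a full URL otherwise."""
    if "://" in field:
        return (urlparse(field).hostname or "").lower()
    return field.rsplit(":", 1)[0].lower()


def scan_squid_log(lines, hosts):
    """Return (line_number, host) for every line whose request host is an exact C2 match.

    Exact match only: a lookalike such as '<c2>.evil.example' must not fire,
    and a host that merely ends in '.shop' is not evidence on its own.
    """
    wanted = set(hosts)
    hits = []
    for n, line in enumerate(lines, start=1):
        fields = line.split()
        if len(fields) < 7:
            continue  # truncated or non-standard line; skip rather than guess
        host = host_from_request(fields[6])  # field 7 of the Squid native format is the URL
        if host in wanted:
            hits.append((n, host))
    return hits


def suricata_dns_rules(hosts, base_sid=9000001):
    """One DNS-query rule per C2 host.

    'endswith' also catches lookups for subdomains of the C2 host, which is
    the desired behaviour for DNS. The SID range is an assumption for this example.
    """
    rules = []
    for i, host in enumerate(hosts):
        rules.append(
            f'alert dns any any -> any any (msg:"Lumma C2 DNS lookup {host}"; '
            f'dns.query; content:"{host}"; nocase; endswith; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    hosts = c2_hosts(LUMMA_C2)
    for n, host in scan_squid_log(SAMPLE_LOG, hosts):
        print(f"line {n}: C2 contact to {host}")
    print("\n".join(suricata_dns_rules(hosts)))
```

Against the constructed log, lines 2 and 4 are reported as C2 contacts and line 5 is correctly ignored. The same hostname list is what you would push into a DNS RPZ or SNI block list; the `/api` path is only useful where TLS is terminated and the full URL is visible.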

Targets

    • Target

      Keygen/mit.dll

    • Size

      1.1MB

    • MD5

      67130d64a3c2b4b792c4f5f955b37287

    • SHA1

      6f6cae2a74f7e7b0f18b93367821f7b802b3e6cf

    • SHA256

      7581f48b16bd9c959491730e19687656f045afbab59222c0baba52b25d1055be

    • SHA512

      d88c26ec059ad324082c4f654786a3a45ecf9561a522c8ec80905548ad1693075f0ffc93079f0ef94614c95a3ac6bbf59c8516018c71b2e59ec1320ba2b99645

    • SSDEEP

      24576:CBULPHc9UKJayhv6uaDGXcRY0Pt4eY/qL6I4tPxVCBfe6w:L09UpyuDMaoHI4tPxV56w

    Score
    1/10
    • Target

      Setup_v1.7.9.exe

    • Size

      26.3MB

    • MD5

      4974adf05d7c4ef2d31e73d272356ffd

    • SHA1

      8bc856e31575dfa1c84e392558c1385a46cdaf92

    • SHA256

      8b392082e0f905840b9a6dd6f002ca39fea3900946da10055574cabe6395fb48

    • SHA512

      fcb2ad2e1a1b7c8ca150217c41ede1a7afc28bc4058f7a215f5d4d6bd1dca2c7d90dee10c44acbc1c04b4a8b8ac6084e159078dc9dd626dd8ff1b096e52fc11c

    • SSDEEP

      196608:kqfdzqGiXvY1PT/uMUGLCyDt6EJAr8trWz:rfdzQY1awVDt6EJCO

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks