General

  • Target

    FоrtniteHack.rar

  • Size

    606KB

  • Sample

    240528-swa3tabd49

  • MD5

    f8c2cbff104e633e897aadf3510db894

  • SHA1

    b1cc2e3273a75c4c76dd2441aa659419fe2e96ea

  • SHA256

    b9ad294c7046ebf0478fd26ead5c843ad085be2b75b384db7ce736b917bb0574

  • SHA512

    dc846b0ddd64f7b892e99188816306255143c594ccbc8e1bdc4a05b40d26a94f40609e3f3a08936baa6b06707a29142f1053fb174b3239d182501409dd0858bb

  • SSDEEP

    12288:JA7VzfovkqqFz3FRA3tDt5PpX3R+WJe5sevUJuFWEcDsCp:6Pz3FqtDt3B+Ye5soUJM4AC

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://horsedwollfedrwos.shop/api

https://patternapplauderw.shop/api

https://understanndtytonyguw.shop/api

https://considerrycurrentyws.shop/api

https://messtimetabledkolvk.shop/api

https://detailbaconroollyws.shop/api

https://deprivedrinkyfaiir.shop/api

https://relaxtionflouwerwi.shop/api

Targets

    • Target

      FоrtniteHack.rar

    • Size

      606KB

    • MD5

      f8c2cbff104e633e897aadf3510db894

    • SHA1

      b1cc2e3273a75c4c76dd2441aa659419fe2e96ea

    • SHA256

      b9ad294c7046ebf0478fd26ead5c843ad085be2b75b384db7ce736b917bb0574

    • SHA512

      dc846b0ddd64f7b892e99188816306255143c594ccbc8e1bdc4a05b40d26a94f40609e3f3a08936baa6b06707a29142f1053fb174b3239d182501409dd0858bb

    • SSDEEP

      12288:JA7VzfovkqqFz3FRA3tDt5PpX3R+WJe5sevUJuFWEcDsCp:6Pz3FqtDt3B+Ye5soUJM4AC

    Score
    3/10
    • Target

      FоrtniteHack/FоrtniteHack.exe

    • Size

      423KB

    • MD5

      2ec5aa978fa11b1fca15b1ad1a8f27f5

    • SHA1

      2b3819c3c2bf7c4a477d4dcdf4b90392ed2c7faa

    • SHA256

      22f96e32d657febaf4ebfb3a3f2e130bc81186411016f3dcd32c07ed28be0a91

    • SHA512

      c121a79e28d7421506ede67a43bbbf7652a8ebd8cf6f3a6a578742b012429a65b002ede75aec15516728a6f583703dd0e0b2564d636e8a7d5dc5f40342d86d18

    • SSDEEP

      12288:z/bcPJsS1bvMdRiNp1ioO2rubIdzSgoUPrpakgch49RP9NJsa+6RLtpnp:z/bchs6YiNpYoO2r

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      FоrtniteHack/libnettle-8.dll

    • Size

      304KB

    • MD5

      7d656bf1de08addd054e728391ef3519

    • SHA1

      5067ca56b6abfdf410aa102495c1cf6d6484fbd8

    • SHA256

      1916c2878bdc6349d84d1c6c219a934926937fc23ceb77c97d88b945dc3d644a

    • SHA512

      0bb955e4800df357a2d46625ff9234712b283f1c27ba9ddef788569f06c031710d3e0df73e91f20db989d522f687d95f42d331fa85bfeac4ecd36347405a783d

    • SSDEEP

      6144:YmVFPSeCiKBNFkDk5X5lTqqDMwlFlwKuMN8:YYPSeCiyMk5/OqFl8MS

    Score
    1/10
    • Target

      FоrtniteHack/libpng16-16.dll

    • Size

      235KB

    • MD5

      342b5f5b3ba11e867f0765d8fb2789ab

    • SHA1

      57a95502936c033a667172ab3a73f9ce5a91651f

    • SHA256

      74d4708664ee397fe2b5be139792cd188857e4b61d399b9b4d9562f140b46f0d

    • SHA512

      8723d3a22daede770efc542a0efca284fede977abc0cb5b18712e076a2bd68504c032f395ec5643ccd189e76a30b7ee244a5448d60d8067555e16c51a7b64b8f

    • SSDEEP

      6144:PnClFOtV9yvLwdZRLFfn4lShPNEoDHHpwpFLhKN5:PBVQgRLFfPh1E+HpeKD

    Score
    1/10
    • Target

      FоrtniteHack/libraryfolder.vdf

    • Size

      125B

    • MD5

      8760dccce6639e32519fae960c77e4c6

    • SHA1

      9b21a349868ebcb3c11764e12366d7f301cdff93

    • SHA256

      44d80569fa294e24ae57f189fe5a587f51e46e3ee2360b888b44d69b516c89b4

    • SHA512

      a980c5e8809b32606849e97a95b3a4b5e9e8b131cf69cd36fc60275ad7173eceaad3fc3a6fa03cc0cafbc2545076172e983c0734637ca11374f3e7f1bceadb84

    Score
    3/10
    • Target

      FоrtniteHack/options.txt

    • Size

      4KB

    • MD5

      65fb590f1386c03a055d6dec92694a11

    • SHA1

      1150a89ec66cba8f5f1c4298dbba3ead338e9824

    • SHA256

      844b5770d897dce925425aa264669840a2c726c11a7dedffa5f079f67dfea52c

    • SHA512

      be46912c945282bdd38d464b9e3dbd866857f87530a87b26ccdc1a0424d2187424c9af0ec9c5f7488cddef905fcb0a5c5df46af49a98351aa2862c6cca8089be

    • SSDEEP

      96:NRwKRxQVwRC8u6jIDv6bY3PyNbnUwiUQ4H6PDhD53jCDa2jADUj/WM6t62gKguYj:vPDtcv6bY3PyNbnUwiUQ4aPDhD53uDTd

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks