General

  • Target

    FоrtniteHack.rar

  • Size

    606KB

  • Sample

    240528-sxatfaad21

  • MD5

    f8c2cbff104e633e897aadf3510db894

  • SHA1

    b1cc2e3273a75c4c76dd2441aa659419fe2e96ea

  • SHA256

    b9ad294c7046ebf0478fd26ead5c843ad085be2b75b384db7ce736b917bb0574

  • SHA512

    dc846b0ddd64f7b892e99188816306255143c594ccbc8e1bdc4a05b40d26a94f40609e3f3a08936baa6b06707a29142f1053fb174b3239d182501409dd0858bb

  • SSDEEP

    12288:JA7VzfovkqqFz3FRA3tDt5PpX3R+WJe5sevUJuFWEcDsCp:6Pz3FqtDt3B+Ye5soUJM4AC

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      FоrtniteHack/FоrtniteHack.exe

    • Size

      423KB

    • MD5

      2ec5aa978fa11b1fca15b1ad1a8f27f5

    • SHA1

      2b3819c3c2bf7c4a477d4dcdf4b90392ed2c7faa

    • SHA256

      22f96e32d657febaf4ebfb3a3f2e130bc81186411016f3dcd32c07ed28be0a91

    • SHA512

      c121a79e28d7421506ede67a43bbbf7652a8ebd8cf6f3a6a578742b012429a65b002ede75aec15516728a6f583703dd0e0b2564d636e8a7d5dc5f40342d86d18

    • SSDEEP

      12288:z/bcPJsS1bvMdRiNp1ioO2rubIdzSgoUPrpakgch49RP9NJsa+6RLtpnp:z/bchs6YiNpYoO2r

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
