Resubmissions

31/05/2024, 19:12

240531-xww3haah36 10

31/05/2024, 19:08

240531-xtpkmsag46 7

General

  • Target

    GalaxyPr00j33ct2.53v.rar

  • Size

    7.1MB

  • Sample

    240531-xww3haah36

  • MD5

    36beb619f1b910dc36e094c3081cc8cb

  • SHA1

    b0c52523f06aa89e3ebf4d00c67fa9948ac017c8

  • SHA256

    14901b9821d4b33d3f6205108cc88ddb5886da1e78b250dc6994e7587e847e6e

  • SHA512

    8adebe8525106f7aa70f022b55c2e45674a390704b5393d1a81a53db2ba0705549a1c141f36bcff61f201e47279e6478195d3cf33dda8aca7fbf54b9a168950e

  • SSDEEP

    196608:O6vfcpuO01J7EFiA38Iz0OYE8BL0p2L5S8e1HJM/R:O6vEubJEoAMII7BZ9S8GpM/R

  • Score

    10/10

Malware Config

Extracted

Family

lumma

C2

https://horsedwollfedrwos.shop/api

https://patternapplauderw.shop/api

https://understanndtytonyguw.shop/api

https://considerrycurrentyws.shop/api

https://messtimetabledkolvk.shop/api

https://detailbaconroollyws.shop/api

https://deprivedrinkyfaiir.shop/api

https://relaxtionflouwerwi.shop/api

Targets

    • Target

      PEiD-0.95-20081103_ExeinfoPE/pluginsdk/MASM/compile.bat

    • Size

      152B

    • MD5

      c08fe1558e092e9d6a601e8f455454ca

    • SHA1

      c200afafe6b91f2e9356cc72c3b093465c13dd7d

    • SHA256

      31d198367b1cf69adaad5ae06ce436ae00782982db97aa2098c375fb565623fa

    • SHA512

      92ae3c0b4b3041f9e7a055b05c3bf84587ae7b3999940d69aa4dcfa9fc6b7c552ad21bb4f7fcd138707f5c529d29167b2df24c5254f969056b19e26ce7b09b5a

    • Score

      1/10

    • Target

      PEiD-0.95-20081103_ExeinfoPE/pluginsdk/PowerBASIC/PEiD_Plugin.bas

    • Size

      2KB

    • MD5

      aa7188ca1ce0f984c1372e105e4473c6

    • SHA1

      81a81930f914b8fae0d8333b7e6a56444af7dacd

    • SHA256

      488b9f368fc688f05abb80a1bd6251cb203ddcddf3ab7479e420d5baab7801d4

    • SHA512

      0aaeb5ba404e911460c48536fa155d448ceda4847d00393da7091748ec419fba7431b9ed39824c60f6a902d0c299d92e6268f88e9e8bd0befdedda57d032e3a0

    • Score

      1/10

    • Target

      HellPr0ject.4.36ver/Loader.exe

    • Size

      494KB

    • MD5

      c21d70fe60b7b18d674e14778a0d507e

    • SHA1

      6e336a8278bfe8f352058220508072e76534a919

    • SHA256

      0a77d8f0cbf94efb3c4143f765837c4077bb501b7215bd1dbca06526dc897878

    • SHA512

      64698dcec0dcc143d4d08a85161241b0c186686f8654cfddc5dcf6197e5af10462d8d7835b416f70479e15f075de1d7f5f5c86dc1a7d346a332922237f5ed5cf

    • SSDEEP

      12288:yChmxOktRYiWMcvqBLiQ2Wxp3uZG9E3sjUC:5AxRSDqMUxpeZGYsA

    • Score

      10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks