General

  • Target

    !!!#SetUp_22334_Pa$sW0rd$$.zip

  • Size

    18.2MB

  • Sample

    240703-yclm4awfja

  • MD5

    5d5dd0102521e3a7fb991382594875c9

  • SHA1

    4e095553f113cbe648572e93f2caedb8d1e4d47b

  • SHA256

    e1fe2761d7bcfe273cc2787e5810450b67140a851796987574f9fbee8907dcad

  • SHA512

    42bc77dd4970995ca8d5c1cb4d2f4bb1fba6cb4361e9a15b14cbdde1b6e44aa1722276d5d1b8a54174b367e388010dbb282f694ab171a8690bd44e37755ea8c1

  • SSDEEP

    393216:fsRsgaYRGU22AVqUjHi3qVJ3RPo28BiyK1LrFQND/iA0uLYv7X3xaQwkjR/xiRJ:fsKBYRGOTU+g3RWBm+9iPdaojziH

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      !!!#SetUp_22334_Pa$sW0rd$$/Setup.exe

    • Size

      4.3MB

    • MD5

      4cba82135c6e44265dfb2a4845dff950

    • SHA1

      7dbce4c16cbd045ce8a3c2ea15df7fee3df10bcc

    • SHA256

      e6d5ef67201ef8ed953a36a6fb44aaafb40dec7a4002efb7ebe6c20f35244495

    • SHA512

      81441841a5fb6fc9507407ea9f07c16d98a1a3ca7c5eb4dabe92cc6fb93f0641ac681906dabf7aedab32a3cb6289cc2922e03bb33210eac72170797e82df60cc

    • SSDEEP

      49152:w8mxtRio/dXZg+KXXI7QKS/++2+UEaipCiPdCQIhdwIxKoZqD6uoZqUO3HoaPgoR:M92/++2+/pDNB3HokjGbc

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks