General

  • Target: d6c072aa863f06dce76099d55d3ec2f5400b0dadc9cefa781afe190e41f948e1
  • Size: 3.3MB
  • Sample: 240705-hnpk5awgqf
  • MD5: c42124848073e38e02e16c811737ec4c
  • SHA1: 0db856d21321323d7978273f2b81186719ee4b76
  • SHA256: d6c072aa863f06dce76099d55d3ec2f5400b0dadc9cefa781afe190e41f948e1
  • SHA512: f74fb979d9dfccedc8fbd3db36820e077ad78946679a1d122ef600afd0834c9bc8506aba53e004459e614ac9b2fa030f0dca1349c7719d71b56a7663e6040108
  • SSDEEP: 49152:1I2wBMBpEDO8tjzxesDInzFRsfP4mf15JCeVoGL7HB0RsUDmSmgT+9Q5u0y5:1I2YMBpat82eRGHAeH7B0mUDzmgTG/5

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://invisibledovereats.shop/api

Targets

    • Target: a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928.exe
    • Size: 7.1MB
    • MD5: d0e0173cc55e6c05976a99c9184e8e7b
    • SHA1: e6dff80e3fbc138669f2a00d980e56c90168b596
    • SHA256: a4ecad90d0192439284faa90ba1322d1fcb4a3d62ba110601a2b6420129ee928
    • SHA512: ffa0cfb950354fdfa2e95fe3b0c0ac12780904658fafbb88967be5cd0a208db7ff79c22deef99b0971554348067ea652fc32dc6d36f1118d772d1caf4f43abb2
    • SSDEEP: 49152:g/BXLTVIEpSDDXjDU9oAlGSQcqLMmVssAbVSrpcWPME0d0GGlzuO3NzAojj05EiT:CdnV1azs9oAuW7s2FE0/GlS1EV+s9QO

    Score: 10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks