General

  • Target

    3d0e88c3d98ff52d7a4a9f6e47872c70.exe

  • Size

    6.6MB

  • Sample

    240706-egtdysxfka

  • MD5

    3d0e88c3d98ff52d7a4a9f6e47872c70

  • SHA1

    a18e425aeff4390b9feee83b523bb108ea26c8e1

  • SHA256

    25a73f951de64a2002227a01c1365c291059d578db3bbd9da01eed67ebe19839

  • SHA512

    968553a41c5b8e2ebed773327609c0f09ac4ed1243aa9cd0d38cb6e7b7cc3408bea88261da5cb14a91990574510ac81732e91cc7f57caabd288e9aa4a10c564c

  • SSDEEP

    49152:T2pLnmlP4CRmgkWXfaadQ7hKIP0bgHdno22ctHNjjODAvjV5E8ZkqhHmX5uBhSWB:XP4OBXi0bgHdnhLXE8YrK/5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://asdasdadskewk.shop/api

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks