General

  • Target: !ŞetUp_75931--#PaSꞨKḙy#$$.rar
  • Size: 9.3MB
  • Sample: 240706-j9ajrsvckd
  • MD5: 320e63fb53801062b113367dfb08de0a
  • SHA1: c2c3f125a8e027fdbff280a4b9441942638c7a0d
  • SHA256: 2a3a098e787dbbac200416572adab711ce59a1f7712d67b43f081bdae209ef73
  • SHA512: 36d7f99263679038fed804a71f18a701b06558cda707ce87af2a600730d112c470517a1fe09572cb4a1951ca2b61899db44667dae66170d26e599becdb5e0b0b
  • SSDEEP: 196608:HJT1R0BQmGBF6DUj+hbU8ImNzhCL8irFyVCwU5HhHn0XlUAbR:HJTz0eN0D/w81zmZ/w6BHcU0R
  • Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://bittercoldzzdwu.shop/api

Targets

    • Target: Language/chrome_[1MB]_[1].exe
    • Size: 1.9MB
    • MD5: 068cf70414b79cd8bc078497553389ed
    • SHA1: d9778170404ad0435ab82ebba3fb5515831dd17e
    • SHA256: c532ffa77b220ac54083dffb2286c526c2873131448e3a37fe29dbee6aa028b4
    • SHA512: 89b69a9c53530605573d7816eb625840404251e9407fa6041492fa5ad21bfe21206f2fa5bb21f4b85017c5a39daabe13f51c615f54ce08fffaeeb5556bdb45ad
    • SSDEEP: 49152:9b8W92V8WpGaPIgI0GW5VuwHDoTZyMB0q7ug52I8:mW08WpNPLGY4wHDoTZyMjSF
    • Score: 1/10

    • Target: Language/en-US/AutoWorkplaceN.dll.mui
    • Size: 2KB
    • MD5: a311c98e7cb3bc2c6f4ad9ca65e95810
    • SHA1: 481168e5c9437731ab632fcacb9c88471c008d6b
    • SHA256: 799cf32fc0515a4bcc0388d0d39618d9c67ee67a1c2000d7344c5a8120004e2e
    • SHA512: 8eefd67ab748725145db643dab47f608b66582c194e42ed412bfe31f26c36b2bd2c4e157fa1bfaa582c697de267c242e5e809be109c7ab3f61f19bd6812e416a
    • Score: 1/10

    • Target: Language/en-US/avicap32.dll.mui
    • Size: 8KB
    • MD5: a5696b2d379fb322c7ee1e18c01ca920
    • SHA1: 0063d4f4814d4565334b5937fd83b56287ab413a
    • SHA256: cb852e13a323c8e226b9bccc7786df3c55e4be16d9d63f4911ea0565ac879a9c
    • SHA512: 01e93385f90fd0a25d8c7da31704cf8d04596113fbc9c19199506bbb5ba978f974c65a636ea663fec0c32408a931499814f806091ef7b3d9ca59c26fa01cdabd
    • SSDEEP: 96:9XIEThBLwopUCfwpyIR3M7Pel5LdDzdlSjrviqEtp9JhZ47/5PYBtTdbhFYIDiqf:KKxy3M7P5vRULZ4S5HTbnWnUrTWQ
    • Score: 1/10

    • Target: Setup.exe
    • Size: 3.1MB
    • MD5: b841d408448f2a07f308ced1589e7673
    • SHA1: f5b5095c0ed69d42110df6d39810d12b1fa32a1e
    • SHA256: 69a90665113bd73b30360d87f7f6ed2c789a90a67f3b6e86474e21273a64f699
    • SHA512: a689734048109ab7bec9491bbb7781686c19c7885166b3ca2975e2f49e956fcc388cd8ca85a4e5a8bf9efe6056f1e0d80197b7f521d4f0d4cadb10ba9ef1fa93
    • SSDEEP: 49152:pvFg5qg9BtIAHE3SM4ahx6LK2SamuZob+tCjNrv8:Jm5qGBHBLRKuZfkjNrv8
    • Score: 10/10
    • Signatures:
      • Lumma Stealer: an infostealer written in C++, first seen in August 2022.
      • Accesses cryptocurrency files/wallets, possible credential harvesting
      • Suspicious use of SetThreadContext


    • Target: barchan.pptx
    • Size: 38KB
    • MD5: 92eff45ae68fef7d74adde110468d5f1
    • SHA1: bb3ad15f03f70960374f3c495d69d26c6c9f09b9
    • SHA256: 0dbddf219a27ab1311e62aeb0158f95eb53bedede62cd69f065a39d73a44990a
    • SHA512: cd4764b69f5969eb5d26f4d17b8e15cccf4c91710a63015a6c604b4951a2bdee1772b052e2bdfa00307c65cdf3d67d40adcc05c5fc7b402edabe105cf19ff147
    • SSDEEP: 768:Vcub1spIlH4pwRLXoGYGUDhVqUoWONslN8CUjG/rC/dFwj/Zv5P9aQWN:SncXmWDsmj2/j/l5Ip
    • Score: 1/10

    • Target: madHcNet32.dll
    • Size: 921KB
    • MD5: d22b9da713ab36102c9c3d812af8c12d
    • SHA1: 371fdbf6ae6a9a2e5c0560fc94eba3290028a252
    • SHA256: 95b538b47e02d0ad2bd15d47efc18695d5e379ef61568b81ef405773d9c199bb
    • SHA512: e5ae51f79403358af60bb3ea663251badac57414813f5537d763b0b95504a393fb2d34c94c4b7328ec13f58e74a7147d3a72e63e62973c4c5d80671be1c8face
    • SSDEEP: 24576:TlUbWq3/gquYUJ4Vgv0eUnDaE0efxfXT95:pUR4quYUJ4VgceXE0gxfjv
    • Score: 3/10

    • Target: mvrSettings32.dll
    • Size: 1.0MB
    • MD5: d168f18b79f9f33690f011d1deb1e7cf
    • SHA1: cf0d984ce101ec274e65e88fae07daeb26de5a6d
    • SHA256: b7d3bc460a17e1b43c9ff09786e44ea4033710538bdb539400b55e5b80d0b338
    • SHA512: bbf085bcbc3c1c98caba95bdf48051bac18bbd1b7314c7bb55b56e3d423fb34758cc239c237091486cc466123bf02844eaac3b4435cb535af25dc2bca625af71
    • SSDEEP: 12288:1wsE8YWuTCipwKm3ZCdX+y0Cg57ZrVmK5UhYX5NN/u3ZeEb+LJkguVl1Y1e:XIWuFKKVuig5jZ5xX5P2bKyguJf
    • Score: 3/10

    • Target: unrar.dll
    • Size: 304KB
    • MD5: 0f20d49c6211d5995fed4de7fbce06e8
    • SHA1: 6ba2e1d8ac2abd6a32b7d70303f5f5a920520baa
    • SHA256: 458f266b1aa18a1ffc6808205fabef514a02e6a3b43047c739618bda3b49d17e
    • SHA512: cfda67fe02377fa7fa0bf0251fdb3cbbabafc6f1dea16ff2640679766cd673089435b28ca740009d3bca3685facd7cf3e32260356de12677a97c659ba1226064
    • SSDEEP: 6144:k2GkbDaKov/5qrawOZI8uN0f/UVvN3MMdZFmicMtGaGm:k2GkVo35qrawqmG/yMoPmilGa7
    • Score: 1/10

    • Target: vcruntime140.dll
    • Size: 94KB
    • MD5: 11d9ac94e8cb17bd23dea89f8e757f18
    • SHA1: d4fb80a512486821ad320c4fd67abcae63005158
    • SHA256: e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
    • SHA512: aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
    • SSDEEP: 1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
    • Score: 1/10
