General

  • Target: ade756d0226cb83732da91e85456c095fdc355b75879cd68cc92d6da2efe71a3
  • Size: 3.1MB
  • Sample: 240707-kdfataxglm
  • MD5: 044829832c0d67a5f0e1f79316f1f039
  • SHA1: 3694184da2e567fc594ececc5308785265eb446a
  • SHA256: ade756d0226cb83732da91e85456c095fdc355b75879cd68cc92d6da2efe71a3
  • SHA512: 2805d2edb568146a3fd385041da7da3db5844b473fb1ede1c0538c1ae668ddd0e03e25d43053b17c5f518a90bb81fd39363a67be6500640c9eff671c50cb0fc9
  • SSDEEP: 98304:OUvyeWwNyFUoWArXafuo8eX7x+6celDlMhPS:OcXHNyFUobrXzzeL06cUk6

Malware Config

Extracted

  • Family: lumma
  • C2: https://bittercoldzzdwu.shop/api

Targets

    • Target: Set-up.exe
    • Size: 2.7MB
    • MD5: 870feaab725b148208dd12ffabe33f9d
    • SHA1: 9f3651ad5725848c880c24f8e749205a7e1e78c1
    • SHA256: bbf7154f14d736f0c8491fb9fb44d2f179cdb02d34ab54c04466fa0702ea7d55
    • SHA512: 5bea301f85e6a55fd5730793b960442bc4dab92d0bf47e4e55c5490448a4a22ed6d0feb1dbe9d56d6b6ff8d06f163381807f83f467621f527bc6521857fc8e1a
    • SSDEEP: 49152:C11fbWXfBeBqTww8Gkfoa0yeL8zj9JLF+lP/MatsfHVnZbhG3EVsMI62Pseaj/1n:QbWkuwwjkULhlPUatsfBxhsE

    • Lumma Stealer
      An infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and similar secrets.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.
    • Suspicious use of SetThreadContext

    • Target: d3dx9_43.dll
    • Size: 1.9MB
    • MD5: 28f6e873515ff7cbb65cfa326b343a71
    • SHA1: 1105597391a13af6567502866101de09ca4ecfdd
    • SHA256: 6aaa17f41f3c344c6f2c061ff9f11d769ce85bd4ace071dd076fcff31e78f8d9
    • SHA512: df1f2d2a569d26be832df78bf96992c53d2b6e51de230c0a203964d54ae25c90c52810feebe7247467129cc6214013b84251118cb330c157d0d9c131c7f2c2e7
    • SSDEEP: 24576:WyU6OIyl2Wy9M3bJ45fPS0zFZghQ6aOiFaKOE31GrvFXl74YZ29X1MDd6olmrBFX:WP66l2u45BiNYFrz31Cv3D29kd6kPo

    Score: 1/10

MITRE ATT&CK Enterprise v15