Resubmissions

07/07/2024, 13:39

240707-qx8pcswbjh 10

General

  • Target

    file

  • Size

    312KB

  • Sample

    240707-qx8pcswbjh

  • MD5

    adcbbc67a38a4509c52879971f065b9b

  • SHA1

    f690effb017d85d0e30844c8b0480a6456280b10

  • SHA256

    92908a08f2369d7db2e8d8851c819d9e3a2e4cd4d8acc85fa18c138b576979e6

  • SHA512

    0e923ddc3047140b1a9fff185c3d4ddb3846c63ec559c931ed362eb78ece02aa5eea7f1ddd59a726f88383fc0935d5a3e0e1ea02bc3c44baa66f9ddb09b61bdf

  • SSDEEP

    3072:3iegAkHnjPIQ6KSEc/FHjPaW+LN7DxRLlzglKMVMGk:rgAkHnjPIQBSEmDPCN7jBMVMGk

Score: 10/10

Malware Config

Extracted

Family

lumma

C2

https://piedsiggnycliquieaw.shop/api

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks