General

  • Target

    github.software.1.3.4 (1).7z

  • Size

    6.1MB

  • Sample

    240708-bn3dnavhkq

  • MD5

    e9b4ad9456355f6fa49f64ab6cd0831a

  • SHA1

    aedf825deafdf2974493ed05bf1d68f7d430009d

  • SHA256

    f73103f2994778dd7c4607e5cad207c5695ace476bf50c3c34127f3fcb5cdf98

  • SHA512

    9f09aa11b60c906cae133247d61ae94a9979298c46ba103d9a8471cbcae29198b2dbce5e4f3739181231ce0ec4d84cef70d595d875f619acef614bedd001e13f

  • SSDEEP

    196608:c7YUeeGhAHpaxmHbTHh9ivZsLikTFQ6ox5:c05LhiHjhWZePF25

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://nobledpcowep.shop/api

Targets

    • Target

      D3dx9_43.dll

    • Size

      4.7MB

    • MD5

      397cb6132f9632189d6f2b3bc9bb2b04

    • SHA1

      f7113885294e61f21e6021f6f3a50bb0eb60b0a6

    • SHA256

      a34174c9e4bbeb8b8592221e4e0fbf273e008c475875b5a4af45f5266ed58373

    • SHA512

      0e5bcf302a6dbb76cfb7e00476d41367851df9b42e2f9b0c821fd6db018fda30a2b405026d52a7677af65d35ddc4405260c1bd9eb47c22154b23f77be56dd336

    • SSDEEP

      6144:jQfN8PRtFlJntIkeUXpWeqQ0c4nr+O12Agvtt1tG5P0M3eFBXUuZLf0W/vouIs3w:1LheqpwQZOqvM1TKPr

    Score
    1/10

    • Target

      Setup_v1.3.4.exe

    • Size

      11.5MB

    • MD5

      4407d3e6cf34ee94e5f3d514aa144fef

    • SHA1

      e3a95c3fb1edf7561c7419df2a43fd23ddce6cca

    • SHA256

      c0f35e51700b4ce070f2ed6f383709d28cd2c29eda69479362e6d3be6bbf759c

    • SHA512

      9df1e411cae441b88e52a616062f609758a2c94606a4c336be95c7dc0ff06ca24826885d1b63e05591eca59319c74c0cca77e738195d4709c4e53b66b22f4197

    • SSDEEP

      98304:5+RQse3XIVUiJU8CKTzZ/taJuVL3kLAOEg/lw7Qfad:cQZFgZ/taw3kLArCq

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

    • Target

      Shell32.dll

    • Size

      5.9MB

    • MD5

      6cc4f16086d2c40fb1c3119cfad11626

    • SHA1

      99d16f2a2064db9606b56550d8c67e629e5b79ed

    • SHA256

      976be1fa97db8707e14aa8a93c2b8e8762ae09eb225b457ef9ed0f219fdb3c00

    • SHA512

      a1e1b629a23013063c9e7989d0ff12070bfd1d2f796e8a4fe80260d8071712d1bba12e1e8feb938f441774462d151bd4ef8d82c63b2732afa44e3ddaa65607d0

    • SSDEEP

      12288:N4eloJM2aqvHcja5h3Y8YAdRAP72ObgUJ50EAHSH3hNF6D+fOO/2x2QRcpBndnmi:NphHNHhiehBxJx99HMeUG

    Score
    1/10
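    The indicators above, turned into a small matcher a responder could run against hashed files and proxy logs. This is an added example, not part of the sandbox output: it transcribes the MD5/SHA1/SHA256 digests of the two artifacts scored 10/10 (the archive and Setup_v1.3.4.exe) and the extracted C2 URL, and deliberately leaves out the two DLLs scored 1/10. The proxy log lines are constructed for the demo; the log format and the subdomain-matching rule are assumptions, not something the report states.

```python
"""IOC matcher built from the indicators in this sandbox report.

Added example, not part of the report. The log lines below are constructed
for the demo; the log layout is an assumption, adapt the regex to your source.
"""
import hashlib
import re
from urllib.parse import urlparse

# File hashes transcribed from the report, algorithm -> digest -> artifact.
# Only the two artifacts scored 10/10 are included; the DLLs scored 1/10 are
# omitted so that generic file names do not generate noise.
REPORT_HASHES = {
    "md5": {
        "e9b4ad9456355f6fa49f64ab6cd0831a": "github.software.1.3.4 (1).7z",
        "4407d3e6cf34ee94e5f3d514aa144fef": "Setup_v1.3.4.exe",
    },
    "sha1": {
        "aedf825deafdf2974493ed05bf1d68f7d430009d": "github.software.1.3.4 (1).7z",
        "e3a95c3fb1edf7561c7419df2a43fd23ddce6cca": "Setup_v1.3.4.exe",
    },
    "sha256": {
        "f73103f2994778dd7c4607e5cad207c5695ace476bf50c3c34127f3fcb5cdf98": "github.software.1.3.4 (1).7z",
        "c0f35e51700b4ce070f2ed6f383709d28cd2c29eda69479362e6d3be6bbf759c": "Setup_v1.3.4.exe",
    },
}

# Extracted Lumma C2 from the report's Malware Config section.
C2_URL = "https://nobledpcowep.shop/api"
C2_HOST = urlparse(C2_URL).hostname  # "nobledpcowep.shop"

URL_RE = re.compile(r"https?://[^\s\"']+")


def file_digests(data: bytes) -> dict:
    """Compute the digests the report lists for a byte string."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def match_digests(digests: dict) -> list:
    """Return (algorithm, artifact) pairs for every digest found in the report."""
    hits = []
    for algo, digest in digests.items():
        label = REPORT_HASHES.get(algo, {}).get(digest.lower())
        if label:
            hits.append((algo, label))
    return hits


def match_file_bytes(data: bytes) -> list:
    """Hash a file's contents and look the digests up in the report's IOCs."""
    return match_digests(file_digests(data))


def host_matches_c2(host: str) -> bool:
    """Exact host or subdomain match only; 'xnobledpcowep.shop' and
    'nobledpcowep.shop.example.net' must not match (assumed rule)."""
    host = host.lower().rstrip(".")
    return host == C2_HOST or host.endswith("." + C2_HOST)


def scan_proxy_log(lines) -> list:
    """Return (line number, host, url) for every URL whose host is the C2."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        for url in URL_RE.findall(line):
            host = urlparse(url).hostname
            if host and host_matches_c2(host):
                hits.append((lineno, host, url))
    return hits


# Constructed proxy log: "timestamp client method url status".
SAMPLE_PROXY_LOG = [
    "2024-07-08T12:00:01Z 10.0.0.5 GET https://github.com/ 200",
    "2024-07-08T12:00:07Z 10.0.0.5 POST https://nobledpcowep.shop/api 200",
    # look-alike suffix domain, must not match
    "2024-07-08T12:00:09Z 10.0.0.7 GET https://nobledpcowep.shop.example.net/ 200",
    # subdomain of the C2 host, should match under the assumed rule
    "2024-07-08T12:00:12Z 10.0.0.7 POST https://cdn.nobledpcowep.shop/api 200",
]

if __name__ == "__main__":
    for lineno, host, url in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(f"line {lineno}: C2 contact {host} via {url}")
    print("hash hits for a benign blob:", match_file_bytes(b"not the sample"))
```

To use it on disk, read each candidate file as bytes and pass it to `match_file_bytes`; a hit on SHA256 is the meaningful one, since MD5 and SHA1 are listed only for cross-referencing with older feeds.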

MITRE ATT&CK Enterprise v15

Tasks