General

  • Target

    New folder (2).zip

  • Size

    2.9MB

  • Sample

    240710-j1a4yawelm

  • MD5

    1abe265cd065a885fecb128da093ca1c

  • SHA1

    685ce317f21b26120df459e3873dbc332fc278dd

  • SHA256

    38cc2c12d990f830b1b7f448726cd95171d28a44e06fa39cd1d7467cc13ed199

  • SHA512

    71290ea40cb3d0910f4149dd327d50226c983c96cac1410c17e4957f7c4ab2f9e3dfb2073d40e9aca9e4ed2fe8decddd6a8f9a9860d542e1e55803af312024fe

  • SSDEEP

    49152:aNtO3Y5Bu20ZcpMuK14fqOX5OAuBwI9YZ7PHaXxSZamUpag2kBTgUpb0t4rrIzGS:afeY5D8cpMb14fZXduqh7PH4xYxUpE9P

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://palacecirwoos.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      New folder (2).zip

    • Size

      2.9MB

    • MD5

      1abe265cd065a885fecb128da093ca1c

    • SHA1

      685ce317f21b26120df459e3873dbc332fc278dd

    • SHA256

      38cc2c12d990f830b1b7f448726cd95171d28a44e06fa39cd1d7467cc13ed199

    • SHA512

      71290ea40cb3d0910f4149dd327d50226c983c96cac1410c17e4957f7c4ab2f9e3dfb2073d40e9aca9e4ed2fe8decddd6a8f9a9860d542e1e55803af312024fe

    • SSDEEP

      49152:aNtO3Y5Bu20ZcpMuK14fqOX5OAuBwI9YZ7PHaXxSZamUpag2kBTgUpb0t4rrIzGS:afeY5D8cpMb14fZXduqh7PH4xYxUpE9P

    Score
    1/10

    • Target

      DeviceUxRes.dll

    • Size

      12KB

    • MD5

      8d6369f9da2734e3cd36141d9019127e

    • SHA1

      0a684b0c7b033d7c8cf45cfc3d3c341aa131c442

    • SHA256

      2889091bf1caf6b87124a8cb5f2ad9b6f1ad3126d1b718b2bc5d1be6c4a20fa3

    • SHA512

      8839afcda074e0c978df6a8d1d01d3321559b288c5b24c14534ea8ef68a6958e4d16417389e6670b51dc0cb6493bed26b2613931455bd7f4774e11bd46ee0505

    • SSDEEP

      192:+mMk5VclaM7uWooWdaWj5DCr+s94MIL69LYxD05M5:+25VcQMqWooWdrofKLL69L8

    Score
    1/10

    • Target

      ProductStatistics3.dll

    • Size

      1.1MB

    • MD5

      dbef14936ec14156dbf0837668240671

    • SHA1

      750fba77eefe8dacff24cdfee6166814bedb9e08

    • SHA256

      488bd11595256d1410afe9c5dcd04b7e66b4338bc205dd0b67f26be9b53104d7

    • SHA512

      0c89542c50e89c1128eeeb3d196192d37f0b12fb8bf45fdba76e1eb30c86164123d179aef7f5cfb65a255010ddb319ebcb29ea6c68e4011b30aef4d0f5440493

    • SSDEEP

      12288:fkBNeUYJLwxwp//gGWFgYeGU8eUSq8HPi0xaf1Go4fDqarPk3BIKxtWb8888888q:cD5YJLWwp//iFgYhMS0sfJ4fDnrPGyb

    Score
    1/10

    • Target

      RegisterIdr.dll

    • Size

      1.4MB

    • MD5

      e958404bcc4d6cdd98aaa54b887c2b75

    • SHA1

      814b31639ad616cb41bf03fd77dfe74d3127b60a

    • SHA256

      8e3e1283ef8daf2d14b958fd77333237955f617a6762d32e37e4591a47a7a64b

    • SHA512

      1c9c5384491836200133fa29287b441610af0c7362e662f9b778f8a83f91bd24e03f0d91f2c399c43875aa843bb4821a58d1d967aadf3766190ac9e5a9d1f78d

    • SSDEEP

      24576:woZKyPoPJJ8L8CrOT1p8XLTjNjEAVFodCG1BoaS9Q5aiy42jaiV1N1KTh+ucvTTI:WoL8C6TeqjZ1BoFAYagqTg/vTTI

    Score
    3/10

    • Target

      Setup.exe

    • Size

      2.1MB

    • MD5

      db7e67835fce6cf9889f0f68ca9c29a9

    • SHA1

      5565afda37006a66f0e4546105be60bbe7970616

    • SHA256

      dbd3057a58fd3407c95418bc5d9c253adc8c658ee338f22d58374ed3ea37b738

    • SHA512

      bc2714bb408715e5e1cec1337b831e26dbda208183955a07ec8653a38c9c0f25f60f333a154b738927ce085e7bbff438963b941a6c2773b3e7325cd900e7651b

    • SSDEEP

      24576:LvknONWhX+nZQMcPCxOlw5etZhfAgBbBEjGf4JNhy4BPQ6MwWTbVTJBrMHACgUBh:nSXUZBP5eDxAg1z4Dhy4ZMdTJTJBrs7

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      devenum.dll

    • Size

      80KB

    • MD5

      2629e33f683805cf0908b5aefe13b9a9

    • SHA1

      004c9153c24290686740a5b223b27fb0ba3eb72e

    • SHA256

      eb5d028dba6abab1daa4e3c4ca46e7f58f0393041fc3a61e1430bbef126a5bb9

    • SHA512

      6cc032149383bbf532b253d0b4a3b85de0154cdcf5fc5f65f3001bd31ef9031e790ee48667d477c47bdd1c1297855587057b1a92ea1aa44ee7313bd7875a3f65

    • SSDEEP

      1536:xdE6s6ysYhaIRAfy9eY5iX2Qrk0jnZHrDQdRC3arILFPDw:xN7yjhaI9eYahk0jnZTR0

    Score
    1/10

    • Target

      dmutil.dll

    • Size

      21KB

    • MD5

      e15f5009ebbd5baa85eaa106ab249eec

    • SHA1

      6d377bcb0a524a8f2cc59e38703e70ede1639fa5

    • SHA256

      f052c6fa3d48e38d358547f9b31f05d8e47baca9565eb244c6583697caf03183

    • SHA512

      b3ddbd8f5d4293d4266ed9ce7f745490dfbc979bae15b19e6df227febc15d19e90378740c19659ce5ebf18cee8cb9591f488ea9093fa28d0f6a542fb36098fd1

    • SSDEEP

      384:7wmNTDgpGBrj3kBs4SbtEq/JvozlCM+t8Oztf9H11Ta9VWM8W/G:MmNTDgwBnkkbiuMhOpGk

    Score
    1/10
