General

  • Target

    #!SETuP_9050_PA@$sW0rd!~!.zip

  • Size

    9.0MB

  • Sample

    240710-me2xbascmj

  • MD5

    fe8bba851ad0de7bc86198308f6f7d18

  • SHA1

    6202d6718c8d534de5a84574c6668425b9ab208c

  • SHA256

    0a89f60c9186d7e4ea96d84bd2634a50e68b2eac0859e7185ea5bf4d6709a725

  • SHA512

    d236721677680905c272700bea40879419b1968fbdda2ea5251331c83bbd773e47d77560e64645884752acb6c211ff6a57b303ede3c650a4ee231ead54cfc039

  • SSDEEP

    196608:+2YADNGTqXPQcZdV0HLMXF3dCB1SXntZndnINETyIqsFOqP4WB5ovZOO8evnY:zaqXYSV0r0y0t4E2KYqP4MmR6UY

  • Score

    10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      #!SETuP_9050_PA@$sW0rd!~!/Setup.exe

    • Size

      1.1MB

    • MD5

      f975a2d83d63a473fa2fc5206b66bb79

    • SHA1

      e49d21f112ab27ae0953aff30ae122440cf164b9

    • SHA256

      6a2d3876003f6c68f824df4f0033564d8c230716908ba2e6c06ea1dd6d5f98e8

    • SHA512

      4af4ce56bf131432d488ed112f8858c1e1392d013c6ac0603f2fd70ed513091e35854c0f678efeab7fa9a551517c6b9698f40a92729112de4b852fa3c0c69d64

    • SSDEEP

      12288:IbCylcTVPbi7vT1K7n6HpVkg8KHIo5u0K1VmMxEnbuvuY2jTU+LHMA+nk2oG1ts:4lcTVPbikTMkg8KH/mmMxnvfphx8

    • Score

      10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks