General

  • Target

    !!SetUp_22334_Pa$sW0rd$$!.zip

  • Size

    6.1MB

  • Sample

    240710-mffqgascnm

  • MD5

    dd3d39caf9f4aadc0bd4d3168dcff645

  • SHA1

    0cfd2c555ebdfa3f76d0b1436b7ad126049d2e00

  • SHA256

    26a2fb99016281830c3b166499b2ec0e84b7b6a94a6cca6c617bbeeeb15b24c0

  • SHA512

    7574de75a1d86b9e97d066b3f85b19eb3d8dadc8bfc00b352d19cb5121dd1117cea1e06c672fba64d9eaa26c9800f79dc5025d157c9a874cd7c47877400a6bbf

  • SSDEEP

    98304:4UCnmj911GB184gVGoxyJNs296e9/yKpdfaci6bv2Stpo+jXkfc83LKp6:amjdG9wGo8gleseCcjC2p1jl83u6

  • Score

    10/10

Malware Config

Extracted

Family

lumma

C2

https://unwielldyzpwo.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

https://reinforcedirectorywd.shop/api
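
As an added example (not part of the sandbox report), the following Python turns the extracted C2 list above into a check over web-proxy logs: exact matches on the normalised hostnames, plus a lower-confidence flag for the `<domain>.shop/api` shape that every listed C2 shares, which catches a rotated domain that is not yet in the list but needs analyst review because legitimate .shop sites exist. The log format, every log line and the domain `rotatedplaceholder.shop` are constructed for the example, not observed indicators.

```python
"""Match the extracted Lumma C2 list against proxy logs.

Added example, not part of the sandbox report. The C2 URLs are copied
verbatim from the extracted config; the log lines below are constructed
in a hypothetical "timestamp src_ip method url status" format.
"""
from urllib.parse import urlsplit

# C2 URLs copied verbatim from the extracted Lumma config.
C2_URLS = [
    "https://unwielldyzpwo.shop/api",
    "https://bouncedgowp.shop/api",
    "https://bannngwko.shop/api",
    "https://bargainnykwo.shop/api",
    "https://affecthorsedpo.shop/api",
    "https://radiationnopp.shop/api",
    "https://answerrsdo.shop/api",
    "https://publicitttyps.shop/api",
    "https://benchillppwo.shop/api",
    "https://reinforcedirectorywd.shop/api",
]

# Constructed proxy log; none of these lines come from the sandbox run,
# and rotatedplaceholder.shop is a made-up domain.
SAMPLE_PROXY_LOG = """\
2024-07-10T12:00:01Z 10.0.0.5 POST https://bouncedgowp.shop/api 200
2024-07-10T12:00:02Z 10.0.0.5 GET https://www.example.com/ 200
2024-07-10T12:00:03Z 10.0.0.7 POST https://Radiationnopp.shop:443/api 200
2024-07-10T12:00:04Z 10.0.0.8 POST https://rotatedplaceholder.shop/api 200
2024-07-10T12:00:05Z 10.0.0.9 GET https://shop.example.org/api/v1/items 200
"""


def c2_hosts(urls):
    """Normalise the config's URLs to a set of lowercase hostnames."""
    return {urlsplit(u).hostname.lower() for u in urls}


def classify(url, hosts):
    """Return 'c2' for an exact config match, 'heuristic' for the
    Lumma-style '<domain>.shop/api' shape on an unknown host, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()  # hostname drops port and case
    if host in hosts:
        return "c2"
    # Every C2 in the extracted config is a .shop domain with the bare
    # path /api; the same shape on a host not in the list is a lead to
    # review, not a verdict.
    if host.endswith(".shop") and parts.path == "/api":
        return "heuristic"
    return None


def scan(log_text, urls=C2_URLS):
    """Return (timestamp, src_ip, host, verdict) for each line that hits."""
    hosts = c2_hosts(urls)
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip malformed lines rather than crash on them
        ts, src, _method, url, _status = fields[:5]
        verdict = classify(url, hosts)
        if verdict:
            hits.append((ts, src, urlsplit(url).hostname.lower(), verdict))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_PROXY_LOG):
        print(*hit)
```

Running it against the constructed log yields two `c2` hits (the second one despite the mixed-case host and explicit port) and one `heuristic` hit; the `.org` host with an `/api/...` path is correctly ignored. Treat `heuristic` rows as triage leads and promote a domain to the exact list only once it is confirmed.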

Targets

    • Target

      !!SetUp_22334_Pa$sW0rd$$!/Setup.exe

    • Size

      455KB

    • MD5

      c544a0e2e173c94fa9069c73e7af6367

    • SHA1

      1b8040c145d6cb2af6d1d9c1dc6878d51820e53b

    • SHA256

      9d8547266c90cae7e2f5f5a81af27fb6bc6ade56a798b429cdb6588a89cec874

    • SHA512

      f47694025fad1c67b727c9836d3663fa0f251a46e855e78e4c323beac1d82d13632e10d16e06e0d81718953ed6e06ee5e918195268ba988f3e555b432f1784a7

    • SSDEEP

      3072:JrD9fI1D2oKZrGp4Lczp9+fOZveTHdHZ0Cp2Sb0Q0F:U1D2XGp4LczSOle5Zzp2Wg

    • Score

      10/10

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022 and also tracked as LummaC2. Matching this signature is what allowed the sandbox to extract the family and C2 list shown under Malware Config.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a thread, which is how process-hollowing and similar injection loaders redirect execution into code written into a (usually suspended) process. It is a behavioural indicator of the injection stage used to unpack the payload, not of Lumma specifically.
