General

  • Target: WaveInstaller.zip
  • Size: 512KB
  • Sample: 240710-ttjgvaxekk
  • MD5: d1dfe31a35c6719ff64149dc19eb6a3d
  • SHA1: 62ceb361a8547975af38bd12e69714cfd5ae2c03
  • SHA256: ec80950ef2655fd6e84d6a2106d851c141ae2f711f1947fff25789902afb406a
  • SHA512: 7242b7ad9b0e4c2e883ce26cd14d108991838955b0c8f6652a57887decef329cd52b8f297ec03ba7429cb4d10efb885543b18a9e31f9009b8962a90ea6e677cf
  • SSDEEP: 12288:xh1WTLLv/G2FcquZUqn4Kc9xgW95toNBbEPHuTknNnj:4PzdcqTI4hxxWNBbA7j
  • Score: 10/10

Malware Config (extracted)

  • Family: lumma

C2


Targets

  • Target: WaveInstaller.dll
    • Size: 40.1MB
    • MD5: a83f2029780616b1da0720cf18d42710
    • SHA1: 0f73fdd2c08cfc0aaaec3975fab657c9f4a62411
    • SHA256: 5293906294c815b9646911067f4b71d060714fbc62d3a9cd5f0b3cc33ae2e77e
    • SHA512: ee1ce644144173e2cf6a55c208914f990294bd4276ad3853fd221a96ed41ce025455de4e8764fe801821d9fe7d90a6159fdd47d432a6978950ee361fa908a06b
    • SSDEEP: 24:MaaaaaazaaaaaazaaaaaazaaaaaazaaaaaazaaaaaazaaaaaazaaaaaazaaaaaaI:n
    • Score: 1/10

  • Target: WaveInstaller.exe
    • Size: 629KB
    • MD5: 535de7c69bf1dcb0da75019378d1013c
    • SHA1: 86431b08e2aa7d894b24b63d79c7a0528c4aafe9
    • SHA256: 3a8885e171cf29f974602ae3bd8b6af640977748b131c3aaa317712884c46b4c
    • SHA512: 7ca6f5689fc298ea94eef82f7b21a0c51ed6d74cf5dd0d7fc3a042ed9c421f1002dd2fbeea09ff199b9d2c932d4d54d43b4b885a57107383ac090d6001ec0086
    • SSDEEP: 12288:qbhEv/GoncquZUEn4scjlgW9AbOFQZxuZwgOIU+At0++xs06MS6Vo1dAu/FPbACe:qbh8fcqTy45lgb
    • Score: 10/10
    • Lumma Stealer: An infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
