General

  • Target: github.software.1.3.9.exe
  • Size: 20.6MB
  • Sample: 240711-b9evgsscpm
  • MD5: 2c096c46d1011d83c1617dfc1da3c4ef
  • SHA1: afe98a6b8d9a05b8e7eaa5d5eb36ff5abd1bf645
  • SHA256: 3ff74f5275a2ed06959e63a3e321d051da4d7167efc3f6f3d80fbc134a187b3c
  • SHA512: 69cc2076efc119e4ae4ef0afe5d48ff8cbb0034caa78943f42a220a2929afd11a5d9f9a15710def565958973105d377b185d064d675d4e87a066040e7eb5b298
  • SSDEEP: 98304:0kMaaxVrMnORUn/5Z6i7IB8sS4oYBoODZG9+5yU3jeluHMCaNEwp0o0/1cv:Oo/5Z6iIBnuceKMCb2

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
      https://sensitivyitszv.shop/api
      https://bouncedgowp.shop/api
      https://bannngwko.shop/api
      https://bargainnykwo.shop/api
      https://affecthorsedpo.shop/api
      https://radiationnopp.shop/api
      https://answerrsdo.shop/api
      https://publicitttyps.shop/api
      https://benchillppwo.shop/api
      https://reinforcedirectorywd.shop/api

Targets

    • Target: github.software.1.3.9.exe

    Score: 10/10

    • Lumma Stealer: an infostealer written in C++, first seen in August 2022.
    • Legitimate hosting services abused for malware hosting/C2
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks