General

  • Target

    85a2663d50db7dff03da346ca9d01f063b135f92ebd02a5f0166136a012305ab

  • Size

    108.0MB

  • Sample

    240711-g74zgswaqd

  • MD5

    c2486568ba1d5f2c84467fcf7f2be9c4

  • SHA1

    5735ab8a8191e8f953d3a8915a32b26095e63a6d

  • SHA256

    85a2663d50db7dff03da346ca9d01f063b135f92ebd02a5f0166136a012305ab

  • SHA512

    fc7b468026fbf813eba4aa31202d05055b5c064bf102349c95829dc789987291dfdd4bd92d8621974beac75306b314c8d606c1198ad8fab52daee5cff8c3f528

  • SSDEEP

    24576:a90Ig9VOqzxDifmgEtYI/yt39qCC0ts64iNh:7PxDiMP/ytMCrts6Rh

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE
