General

  • Target

    CheatInjector.exe

  • Size

    10.6MB

  • Sample

    240711-wwtfya1bkf

  • MD5

    f58d8f2437387b24567b8c322b83b2c9

  • SHA1

    2745d1d5e8a5fe8e086cc38288d177e351859e3f

  • SHA256

    17c1de7965fa4eb6a59f207af742740555ff651308dfae3c3cfa38f720c4aa6e

  • SHA512

    c61f203877bd693908098eefddd0a41b8b1c5a84719be5977395c40a115270c43ee637b619d6e02f9a003771817e14327dd710bc61bfa21e8a5fb9878f3e99fa

  • SSDEEP

    49152:u4EHheCSCzavTiJPjhNzr9ejAVggRg5TwttqRqZ+N9YPyny/l/u+dNftDSZjobm3:pN8abQjAEg5vUrPwOsREV7FzJulfv

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
