General

  • Target

    git.software.1.0.4.exe

  • Size

    17.5MB

  • Sample

    240711-yl9fhstfka

  • MD5

    f53180afd5e43ac786687e6669cddab9

  • SHA1

    4b51d99271c68ebf54194e5b7e63bf712f49cd83

  • SHA256

    6cf7357b0dbb9f2f0b6bdb2e48971cabec7a3f0685716abca45d4800f9702988

  • SHA512

    c6ae4077fa5b4988996d076bc489f2e74aa1ad00152d872b674346d1228a8281af1b2a8c423e084d27e11d1b754283f13e717fc620a102d4e24fab6721898865

  • SSDEEP

    98304:MISkFWVcpTgrSL+6a9DqpVYKnewEADImKZAG:hWVcp2Sq6a9BKnIAMi

Score
10/10

Malware Config

Extracted

Family

lumma

C2
Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks