General

  • Target

    release_resources.iso

  • Size

    13.6MB

  • Sample

    240719-3xxcjszfrd

  • MD5

    85be351ed5fec838f194b66689514cae

  • SHA1

    34a62430df298bb65a07480dd05fec4ee9b94430

  • SHA256

    aa8c290181a84955417dd9d3535d5941999d035a308742775c3096f1e20ea187

  • SHA512

    e9b40e958cc1c56c435742c591eb08c2b9cb042ac4d8c6e4b2ed88e1f940343a1f29c659eeab07ef0ba36b14b237f6f05b9a3cdab40c10d9df8cc6966783cc5e

  • SSDEEP

    196608:1QhsOeAOWOM/FE1mNHiFc3hr7UTaZnhOtXw:ihsOlOwFC8Hiu3hr7TZn0tXw

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://survivedosaz.shop/api

https://applyzxcksdia.shop/api
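
The two C2 URLs and the 10/10 hashes above are the report's actionable IOCs. The block below is an added example, not part of the tria.ge report, that turns them into a log check: C2 URLs are reduced to hostnames (the /api path is not worth matching on), hostnames are matched exactly or as subdomains so that look-alike domains do not fire, and file hashes are compared case-insensitively. The proxy and file-creation log lines and their column layouts are constructed for illustration.

```python
"""Check proxy and file-creation logs against the IOCs extracted in this report.
Added example (not part of the tria.ge report); log lines below are constructed."""
from urllib.parse import urlsplit

# C2 URLs exactly as listed under Malware Config > C2.
C2_URLS = [
    "https://survivedosaz.shop/api",
    "https://applyzxcksdia.shop/api",
]

# SHA256 of the targets the report scores 10/10, keyed to their names.
MALICIOUS_SHA256 = {
    "aa8c290181a84955417dd9d3535d5941999d035a308742775c3096f1e20ea187": "release_resources.iso",
    "f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0": "Setup.exe",
}


def c2_domains(urls):
    """Reduce the C2 URLs to lower-case hostnames; the operator may rotate the path."""
    return {urlsplit(u).hostname.lower() for u in urls}


def host_matches(host, domains):
    """Exact or subdomain match only: 'survivedosaz.shop.evil.test' must not
    match 'survivedosaz.shop', while 'cdn.survivedosaz.shop' should."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def match_proxy(log_text, urls):
    """Hits from whitespace-separated lines: ts src method url status.
    Blocked requests (403) are kept: a blocked beacon still means an infected host."""
    domains = c2_domains(urls)
    hits = []
    for line in log_text.strip().splitlines():
        ts, src, method, url, status = line.split()
        host = urlsplit(url).hostname
        if host and host_matches(host, domains):
            hits.append({"ts": ts, "src": src, "host": host.lower(), "status": int(status)})
    return hits


def match_files(log_text, known):
    """Hits from lines: ts host path sha256 (hash compared case-insensitively)."""
    hits = []
    for line in log_text.strip().splitlines():
        ts, host, path, sha256 = line.split()
        label = known.get(sha256.lower())
        if label:
            hits.append({"ts": ts, "host": host, "path": path, "label": label})
    return hits


# Constructed proxy log: one workstation beacons to both C2 hosts, a second one
# is blocked by the proxy, plus benign and look-alike traffic that must not match.
PROXY_LOG = """
2024-07-19T15:02:11Z 10.0.4.23 POST https://survivedosaz.shop/api 200
2024-07-19T15:02:12Z 10.0.4.23 GET https://www.example.com/ 200
2024-07-19T15:03:40Z 10.0.4.23 POST https://APPLYZXCKSDIA.shop/api 200
2024-07-19T15:04:01Z 10.0.4.23 GET https://survivedosaz.shop.evil.test/ 200
2024-07-19T15:05:00Z 10.0.4.57 POST https://applyzxcksdia.shop/api 403
"""

# Constructed file-creation events: the ISO is downloaded, then mounted, and its
# contents appear on a new drive letter (one hash deliberately upper-cased).
FILE_LOG = r"""
2024-07-19T15:01:50Z WS-0423 C:\Users\j\Downloads\release_resources.iso aa8c290181a84955417dd9d3535d5941999d035a308742775c3096f1e20ea187
2024-07-19T15:01:55Z WS-0423 D:\Setup.exe F1973746AC0A703B23526F68C639436F0B26B0BC71C4F5ADF36DC5F6E8A7F4D0
2024-07-19T15:01:55Z WS-0423 D:\accusal.xlsx bc6343ad3ddd6abc92797920a214c3ea4eb90b2df3e8604fee2b517be928d22f
"""

if __name__ == "__main__":
    for h in match_proxy(PROXY_LOG, C2_URLS):
        print("C2 contact:", h)
    for f in match_files(FILE_LOG, MALICIOUS_SHA256):
        print("Known-bad file:", f)
```

Matching on the hostname rather than the full URL is deliberate: Lumma operators change paths and rotate domains frequently, so the domain list should be refreshed from newer sandbox runs, while the 403 hit shows that proxy-blocked beacons are still worth triaging as infected hosts.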

Targets

    • Target

      release_resources.iso

    • Size

      13.6MB

    • MD5

      85be351ed5fec838f194b66689514cae

    • SHA1

      34a62430df298bb65a07480dd05fec4ee9b94430

    • SHA256

      aa8c290181a84955417dd9d3535d5941999d035a308742775c3096f1e20ea187

    • SHA512

      e9b40e958cc1c56c435742c591eb08c2b9cb042ac4d8c6e4b2ed88e1f940343a1f29c659eeab07ef0ba36b14b237f6f05b9a3cdab40c10d9df8cc6966783cc5e

    • SSDEEP

      196608:1QhsOeAOWOM/FE1mNHiFc3hr7UTaZnhOtXw:ihsOlOwFC8Hiu3hr7TZn0tXw

    Score
    3/10
    • Target

      out.iso

    • Size

      13.6MB

    • MD5

      85be351ed5fec838f194b66689514cae

    • SHA1

      34a62430df298bb65a07480dd05fec4ee9b94430

    • SHA256

      aa8c290181a84955417dd9d3535d5941999d035a308742775c3096f1e20ea187

    • SHA512

      e9b40e958cc1c56c435742c591eb08c2b9cb042ac4d8c6e4b2ed88e1f940343a1f29c659eeab07ef0ba36b14b237f6f05b9a3cdab40c10d9df8cc6966783cc5e

    • SSDEEP

      196608:1QhsOeAOWOM/FE1mNHiFc3hr7UTaZnhOtXw:ihsOlOwFC8Hiu3hr7TZn0tXw

    Score
    1/10
    • Target

      Setup.exe

    • Size

      12.0MB

    • MD5

      a7118dffeac3772076f1a39a364d608d

    • SHA1

      6b984d9446f23579e154ec47437b9cf820fd6b67

    • SHA256

      f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0

    • SHA512

      f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890

    • SSDEEP

      98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      accusal.xlsx

    • Size

      38KB

    • MD5

      4315e3ae033987f8c73f068bf69367a9

    • SHA1

      948550adb9ef2790f4bf50f8fd8613aedff8b499

    • SHA256

      bc6343ad3ddd6abc92797920a214c3ea4eb90b2df3e8604fee2b517be928d22f

    • SHA512

      d5dee8955708c677fe0639db3b271f66d6a3caf37255ce6d83b86afdde0cd142849e30f47ba7151acc4b01f07eed2ee15b8ef8a90bb951b518b85572c04d5510

    • SSDEEP

      768:nEEDwGCk5d47qHnSkz7stpY0Q2qmdVgh5f0R9NW9X3Z:rsCdM9UMme1dOh5fEw9nZ

    Score
    1/10
    • Target

      roc.msg

    • Size

      883KB

    • MD5

      b9bc0f17b3972e68d957371dd8ca939a

    • SHA1

      0dfb3dde885953e889aa64b24c0fb93e4f7dbbf0

    • SHA256

      94fc2d64957a7b4aeca37a77a2c90496f4727f767a062a04d5be16e9bdd2d409

    • SHA512

      df402feeee67aa950c75f2448810f44ff96f9362f30da457a7271048553d3ee30065f61ac1a1e57339907a629a84323040016937130faf412a3c16db694acae8

    • SSDEEP

      24576:dToLN3msB9yFyQu0f5jQDdTej3aQb/ll3Rm9i00:dTa2yQ9fqpTQaCwi00

    Score
    3/10
    • Target

      tak_deco_lib.dll

    • Size

      315KB

    • MD5

      17467958f4f4acbb6f945a391356b049

    • SHA1

      5a1743af1327fe2305aaa7ced49bd071b86600fd

    • SHA256

      103be64d6cbdcd1895e4eb2f20acf92b2adfe145701761f6ef49f60480c4bf7b

    • SHA512

      a06856cd0e7e97b420f2fa6f6fc379cb70494e0bddb9de9dfe56e6f0d4e394da1ec5bd083d440cce5aec984855e942167977c627f38d425ad6a7076be04f3da1

    • SSDEEP

      3072:judbAJvRdS6UwambkfOhOmesG+4ny2lV0Vm4:qdYjU2IfmRHAyQVK

    Score
    1/10
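
The SSDEEP values above show that the 13.6MB ISO (block size 196608) and the 12.0MB Setup.exe it contains (block size 98304) share most of one chunk: ssdeep hashes are comparable when one block size is exactly twice the other, and the ISO's first chunk lines up with Setup.exe's second chunk. The block below is an added example, not part of the tria.ge report, that scores the report's own hash strings. It is a re-implementation of the scoring rules in ssdeep's fuzzy.c (common 7-character substring required, edit distance with insert/delete cost 1 and substitution cost 2, block-size gating) written from the author's understanding of that code, so the reference ssdeep tool may round slightly differently; the constants SPAMSUM_LENGTH, ROLLING_WINDOW and MIN_BLOCKSIZE are ssdeep's.

```python
"""Score ssdeep strings from the report against each other without the ssdeep
library. Added example; re-implements ssdeep's comparison rules as the author
understands them and is not the ssdeep project's code."""

SPAMSUM_LENGTH = 64
ROLLING_WINDOW = 7
MIN_BLOCKSIZE = 3

# Hash strings exactly as given in the report's target list.
ISO_SSDEEP = "196608:1QhsOeAOWOM/FE1mNHiFc3hr7UTaZnhOtXw:ihsOlOwFC8Hiu3hr7TZn0tXw"
SETUP_SSDEEP = "98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH"
XLSX_SSDEEP = "768:nEEDwGCk5d47qHnSkz7stpY0Q2qmdVgh5f0R9NW9X3Z:rsCdM9UMme1dOh5fEw9nZ"


def squeeze(s):
    """ssdeep ignores any character repeated more than three times in a row."""
    out = []
    for ch in s:
        if len(out) >= 3 and out[-1] == out[-2] == out[-3] == ch:
            continue
        out.append(ch)
    return "".join(out)


def parse(sig):
    """Split 'blocksize:chunk1:chunk2' into (int, str, str)."""
    bs, c1, c2 = sig.split(":", 2)
    return int(bs), squeeze(c1), squeeze(c2)


def has_common_substring(a, b, n=ROLLING_WINDOW):
    """ssdeep refuses to score two chunks with no 7-character run in common."""
    return any(a[i:i + n] in b for i in range(len(a) - n + 1))


def edit_distance(a, b):
    """Weighted Levenshtein: insert 1, delete 1, substitute 2 (ssdeep's weights)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1,
                           prev[j - 1] + (0 if ca == cb else 2)))
        prev = cur
    return prev[-1]


def score_chunks(a, b, block_size):
    """Map edit distance onto 0..100, with ssdeep's cap for small block sizes."""
    if not has_common_substring(a, b):
        return 0
    d = edit_distance(a, b)
    score = (d * SPAMSUM_LENGTH) // (len(a) + len(b))
    score = (100 * score) // SPAMSUM_LENGTH
    score = 100 - score
    if block_size < (99 + ROLLING_WINDOW) // ROLLING_WINDOW * MIN_BLOCKSIZE:
        score = min(score, block_size // MIN_BLOCKSIZE * min(len(a), len(b)))
    return score


def ssdeep_compare(sig1, sig2):
    """Compare two ssdeep strings. Only equal block sizes or a 2x ratio are
    comparable; in the 2x case the larger size's first chunk is scored against
    the smaller size's second chunk, which is what relates the ISO to Setup.exe."""
    b1, s1a, s1b = parse(sig1)
    b2, s2a, s2b = parse(sig2)
    if b1 == b2:
        return max(score_chunks(s1a, s2a, b1), score_chunks(s1b, s2b, b1 * 2))
    if b1 == b2 * 2:
        return score_chunks(s1a, s2b, b1)
    if b2 == b1 * 2:
        return score_chunks(s1b, s2a, b2)
    return 0


if __name__ == "__main__":
    print("ISO vs Setup.exe:", ssdeep_compare(ISO_SSDEEP, SETUP_SSDEEP))
    print("Setup.exe vs accusal.xlsx:", ssdeep_compare(SETUP_SSDEEP, XLSX_SSDEEP))
```

The ISO and Setup.exe score in the 90s because the 30-character run "eAOWOM/FE1mNHiFc3hr7UTaZnhOtXw" is shared by both chunks at block size 196608: the PE makes up most of the ISO's bytes, so the container carries the payload's fuzzy-hash signal, which is why an ssdeep-based hunt for Setup.exe would also surface release_resources.iso and out.iso. The small accusal.xlsx (block size 768) scores 0 against Setup.exe simply because its block size is not comparable, not because it was tested and found unrelated.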

MITRE ATT&CK Enterprise v15

Tasks