Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
195s -
max time network
258s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
-
submitted
22/07/2024, 05:13
General
-
Target
cca8cd0abe859b327c241af3df10d3db9da0842dc6c682a6d9a53a8a88f10830.exe
-
Size
300KB
-
MD5
6f80daef4d3dc91d98636486859e9a53
-
SHA1
551c6cd0dda2c5edb2de092419a9a8d0f8cb0fc6
-
SHA256
cca8cd0abe859b327c241af3df10d3db9da0842dc6c682a6d9a53a8a88f10830
-
SHA512
11f45cec2640d4ee34ce62c3538600425765bf8ad50b317a54bc6d592702a147e78a25452f6d8ad00a6d4177cfa0eb10ed2ac1d7f29b2e408c91b6b680fa3118
-
SSDEEP
6144:iNyGUtxP8AnCkKXly63556TF1bTjLkyblgwZcp0MBQ:iNyXnvnCAzdblup0
Malware Config
Extracted
lumma
https://edificedcampds.shop/api
https://unseaffarignsk.shop/api
https://shepherdlyopzc.shop/api
https://upknittsoappz.shop/api
https://liernessfornicsa.shop/api
https://outpointsozp.shop/api
https://callosallsaospz.shop/api
https://lariatedzugspd.shop/api
https://indexterityszcoxp.shop/api
https://reinforcedirectorywd.shop/api
Signatures
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cca8cd0abe859b327c241af3df10d3db9da0842dc6c682a6d9a53a8a88f10830.exe"C:\Users\Admin\AppData\Local\Temp\cca8cd0abe859b327c241af3df10d3db9da0842dc6c682a6d9a53a8a88f10830.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3400 -s 10282⤵
- Program crash
-