
General

  • Target: git.software.v1.0.7.7z
  • Size: 5.7MB
  • Sample: 240808-r17f5svdlp
  • MD5: 670b2d2fa8c1db4d7d4845dfa1358611
  • SHA1: 122b1faabf95468a966e7771dbad4f4e90cdcfe9
  • SHA256: 74bc915d2f3891a32a3d88b28fb50ea86f5e1f8f8e63582e208e065ed1862eb2
  • SHA512: be2d59f9651060a7ddad4d6c33ee009ba21024bf2d9a9c70b33583f25a896d6e191b8f8c2a4483f78724d83b0933014bf1620e4e144cd699deb0f177750dc2d1
  • SSDEEP: 98304:sYLR2g0MKcmM3VCY27N8yiL0vbedGFdFjLzjshKIZCny0CpORJz19CBKyzXtX44I:RNNmyVv2x8jg6edFvzYhhQy0QObzu4yC
  • Score: 10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target: D3dx9_41.dll
    • Size: 4.7MB
    • MD5: 397cb6132f9632189d6f2b3bc9bb2b04
    • SHA1: f7113885294e61f21e6021f6f3a50bb0eb60b0a6
    • SHA256: a34174c9e4bbeb8b8592221e4e0fbf273e008c475875b5a4af45f5266ed58373
    • SHA512: 0e5bcf302a6dbb76cfb7e00476d41367851df9b42e2f9b0c821fd6db018fda30a2b405026d52a7677af65d35ddc4405260c1bd9eb47c22154b23f77be56dd336
    • SSDEEP: 6144:jQfN8PRtFlJntIkeUXpWeqQ0c4nr+O12Agvtt1tG5P0M3eFBXUuZLf0W/vouIs3w:1LheqpwQZOqvM1TKPr
    • Score: 1/10

    • Target: Shell64.dll
    • Size: 5.9MB
    • MD5: 6cc4f16086d2c40fb1c3119cfad11626
    • SHA1: 99d16f2a2064db9606b56550d8c67e629e5b79ed
    • SHA256: 976be1fa97db8707e14aa8a93c2b8e8762ae09eb225b457ef9ed0f219fdb3c00
    • SHA512: a1e1b629a23013063c9e7989d0ff12070bfd1d2f796e8a4fe80260d8071712d1bba12e1e8feb938f441774462d151bd4ef8d82c63b2732afa44e3ddaa65607d0
    • SSDEEP: 12288:N4eloJM2aqvHcja5h3Y8YAdRAP72ObgUJ50EAHSH3hNF6D+fOO/2x2QRcpBndnmi:NphHNHhiehBxJx99HMeUG
    • Score: 1/10

    • Target: git.software.v1.0.7.exe
    • Size: 15.6MB
    • MD5: 90c13e75309502ad8124a8f895ae56d9
    • SHA1: 83adf64840a1261f6e89c49922a460c9ab524297
    • SHA256: 49d778c8e38940be1ef4315fa0169a33e0284ea65abe00b3e827bb48a7654904
    • SHA512: da840a8a0fbe2633a479122fd74a8eea6717ff939fb88fcd9abed000898ba98c184d398c0a941a641e982daf7dbe0717f6409df8e1f12a2bed223c49309ae226
    • SSDEEP: 98304:sZnfpKHJeY2VwGQRD28rozFZTcUEFMx96LJ:PH72VwDV2HFJgFx
    • Score: 10/10

    Signatures

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks