General

  • Target

    26eceb573a9b370e188212f4f8711697.exe

  • Size

    2.8MB

  • Sample

    240819-jnn52asbra

  • MD5

    26eceb573a9b370e188212f4f8711697

  • SHA1

    394d5b69c5801346b5f031a79166b019b2be97ce

  • SHA256

    90f0d7fa294a8b883497d51b97bf5bd935a3ad25d3b5010f094d28df404cd416

  • SHA512

    4d8c36e2e22974be0410cb5382bda987ba055d5168002145597f64045dfe759095a68ded7866fa25b7bf5f1d3c7602578accaf94c58d07dccb892d883dbef685

  • SSDEEP

    24576:Ine+Kl3nj44G/aT3S41O2m4zt6FJLHU7vlamWGMD0AxGvM:fl38ETSt4ztMLHU8G

Malware Config

Extracted

Family

lumma

C2

Targets

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
