General

  • Target

    bc112e03f5bc1eca1e3f630828d17468.bin

  • Size

    3.0MB

  • Sample

    240820-b68nds1frn

  • MD5

    5aa8ace86eb6d531bcf5794600b6ad08

  • SHA1

    bb35cf14f54d7828e3f9f983e464d84ce41c72e6

  • SHA256

    ea419e09d5c424522a483230110b80505fe5e3da2d54a2ef023cc7d1e1c6a9dc

  • SHA512

    ae1c23f0b72e26850fc0c4936baf3d76517dbb7e71dfc137cb8802c94fccc6510de40161b3a0bb18a7edb87ab4a5aa57e5fc5e6991f7b4170a22e9e0ce5dd5b9

  • SSDEEP

    49152:Fb/rFiP2+LclC7RtHDU0zUt/xXzHGt3JQ2YJZkZsyC38yFqOFsQIqlbPaiIjoKhb:1zjle3Y0zUtJXzmBODysyC3DGFNVjJhb

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://polyctendizxcop.shop/api

https://tenntysjuxmz.shop/api

Targets

    • Target

      a7584bfc64ddb62213e3b15f93df12a4db61ee332d24f033982c487fb90d695b.exe

    • Size

      7.0MB

    • MD5

      bc112e03f5bc1eca1e3f630828d17468

    • SHA1

      0bf7005b57804807f38c84690cd607087793c266

    • SHA256

      a7584bfc64ddb62213e3b15f93df12a4db61ee332d24f033982c487fb90d695b

    • SHA512

      c83bf61bd332362cdf470b8a0ffdd6ff111ab786b3ebeedaaa82243344ef657c510ecd07497965e15ff7200188337429e95082d60ba779c7d63856f673729fa4

    • SSDEEP

      49152:clvQaIqIanAEgHwoH/1SyH7R+NXIkGvoxVyOF85J91DpyFQLmWNb4o9jc5EXRXY1:Mv0KnAj3EHq91DpTcEX2nlKkSDH/O

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
