
General

  • Target

    c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac.exe

  • Size

    25.6MB

  • Sample

    240821-cqtpzavgra

  • MD5

    ef9323bf9b60b2fa7436bd1923d222bb

  • SHA1

    d633535341399ae503de6e19e18c0a13840c9483

  • SHA256

    c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac

  • SHA512

    547bd693a7d72a5c7b194d21a9a1954f139d2890bc29c36ef9fcc3a7a4b15221b021521b5fe08c35b58f9b8f7bfb73d42d73bfbb09ea50f9a339f43ffb10c55c

  • SSDEEP

    98304:2Dv/WQ6G2lRP7lO0wrUO00iAZ6sammO51fJBEd4reXzOKMXnsZF3g:mlARP7lp2UO+457Cd+eXSzns4

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://interactiedovspm.shop/api

https://potentioallykeos.shop/api

https://charecteristicdxp.shop/api

https://cagedwifedsozm.shop/api

https://deicedosmzj.shop/api

https://southedhiscuso.shop/api

https://consciousourwi.shop/api

https://tenntysjuxmz.shop/api
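The extracted C2 list is the actionable part of this report. The Python below is an added worked example, not the sandbox's own code and not from the Lumma sample: it pulls the hostnames out of the eight C2 URLs above and scans proxy and DNS log lines for exact or subdomain matches. The log lines are constructed for illustration, and the field layout (Squid-style proxy and BIND-style query logs) is an assumption; adapt the hostname extraction to your own log formats.

```python
"""Match the Lumma C2 hosts from this report against proxy/DNS log lines.

Added example; the eight C2 URLs are the ones extracted by the sandbox,
the log lines are constructed and the log formats are assumed.
"""
import re
from urllib.parse import urlparse

# C2 URLs as extracted from the sample (copied from the report above).
LUMMA_C2 = [
    "https://interactiedovspm.shop/api",
    "https://potentioallykeos.shop/api",
    "https://charecteristicdxp.shop/api",
    "https://cagedwifedsozm.shop/api",
    "https://deicedosmzj.shop/api",
    "https://southedhiscuso.shop/api",
    "https://consciousourwi.shop/api",
    "https://tenntysjuxmz.shop/api",
]

# Constructed sample log: two Squid-style proxy lines, two BIND-style query lines.
SAMPLE_LOG = """\
1724220000.123   201 10.0.0.15 TCP_TUNNEL/200 5120 CONNECT potentioallykeos.shop:443 - HIER_DIRECT/203.0.113.7 -
1724220001.456   120 10.0.0.15 TCP_MISS/200 812 GET http://example.com/ - HIER_DIRECT/93.184.216.34 text/html
Aug 21 04:00:02 dns named[1234]: client 10.0.0.15#51342: query: tenntysjuxmz.shop IN A +
Aug 21 04:00:03 dns named[1234]: client 10.0.0.22#51343: query: www.microsoft.com IN A +
"""

# Dotted hostname-like tokens (also matches IPv4 literals; those simply never hit).
HOST_RE = re.compile(r"(?<![\w.-])([a-z0-9][a-z0-9-]*(?:\.[a-z0-9-]+)+)(?![\w-])")


def c2_hosts(urls=LUMMA_C2):
    """Return the set of lowercase hostnames from the extracted C2 URLs."""
    return {urlparse(u).hostname.lower() for u in urls}


def match_c2(host, hosts):
    """Return the C2 hostname that `host` equals or is a subdomain of, else None."""
    for c2 in hosts:
        if host == c2 or host.endswith("." + c2):
            return c2
    return None


def find_c2_hits(log_text, urls=LUMMA_C2):
    """Scan log lines and return [(line_number, matched_c2_host), ...].

    Matching is case-insensitive and covers subdomains of each C2 host
    (e.g. cdn.tenntysjuxmz.shop), so a host-only match is not missed.
    """
    hosts = c2_hosts(urls)
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        for m in HOST_RE.finditer(line.lower()):
            c2 = match_c2(m.group(1), hosts)
            if c2 is not None:
                hits.append((lineno, c2))
                break  # one hit per line is enough for triage
    return hits


if __name__ == "__main__":
    for lineno, host in find_c2_hits(SAMPLE_LOG):
        print(f"line {lineno}: contact with Lumma C2 host {host}")
```

Hits on any of these hosts from a workstation should be treated as a Lumma infection, not a policy violation: the stealer exfiltrates credentials on first contact, so rotate whatever was stored in browsers and password managers on that host.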

Targets


    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext (rewriting a suspended thread's context is typical of process hollowing or thread-hijacking injection, where a loader redirects execution into unpacked code)

MITRE ATT&CK Enterprise v15

Tasks