Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c239349587...ac.exe

windows7-x64

1

c239349587...ac.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac.exe

  • Size

    25.6MB

  • Sample

    240821-cqtpzavgra

  • MD5

    ef9323bf9b60b2fa7436bd1923d222bb

  • SHA1

    d633535341399ae503de6e19e18c0a13840c9483

  • SHA256

    c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac

  • SHA512

    547bd693a7d72a5c7b194d21a9a1954f139d2890bc29c36ef9fcc3a7a4b15221b021521b5fe08c35b58f9b8f7bfb73d42d73bfbb09ea50f9a339f43ffb10c55c

  • SSDEEP

    98304:2Dv/WQ6G2lRP7lO0wrUO00iAZ6sammO51fJBEd4reXzOKMXnsZF3g:mlARP7lp2UO+457Cd+eXSzns4

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://interactiedovspm.shop/api

https://potentioallykeos.shop/api

https://charecteristicdxp.shop/api

https://cagedwifedsozm.shop/api

https://deicedosmzj.shop/api

https://southedhiscuso.shop/api

https://consciousourwi.shop/api

https://tenntysjuxmz.shop/api

Targets

    • Target

      c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac.exe

    • Size

      25.6MB

    • MD5

      ef9323bf9b60b2fa7436bd1923d222bb

    • SHA1

      d633535341399ae503de6e19e18c0a13840c9483

    • SHA256

      c239349587f9cd75f79c2490c851a64883c55f608195b2572e5c1fa73d1432ac

    • SHA512

      547bd693a7d72a5c7b194d21a9a1954f139d2890bc29c36ef9fcc3a7a4b15221b021521b5fe08c35b58f9b8f7bfb73d42d73bfbb09ea50f9a339f43ffb10c55c

    • SSDEEP

      98304:2Dv/WQ6G2lRP7lO0wrUO00iAZ6sammO51fJBEd4reXzOKMXnsZF3g:mlARP7lp2UO+457Cd+eXSzns4

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks