General

  • Target

    tera1.zip

  • Size

    8.9MB

  • Sample

    240904-zrc5yawdlq

  • MD5

    46491574d8e1ffd67eb8ec96772851e2

  • SHA1

    5a155749ae4a462778bc0de9571729ca2190fbd1

  • SHA256

    ab9b2ab84fd22f3bdb4f19e72b13a0d44709bf3669420a99f4dab39758f9431f

  • SHA512

    b112316d9bc44c46e6e3f357bf3f5b47f28cc2f0d4fa0145917d02001678689fafe28b72a9add7c05e6be2ac4d969f72cea4b2cd82907b03de1fcdc75e0678f0

  • SSDEEP

    196608:jHg2lhanJrVg5iyGrDaHt4taj/V4KQ2ZYc1TWcv8+/d0Y+UfvHYuqlY8KdKHCwZa:jAY2+0Xat40jI2XZl0AXYuqydC4

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://fisstyconsumerosp.shop/api

Targets

    • Target

      tera1.zip

    • Size

      8.9MB

    • MD5

      46491574d8e1ffd67eb8ec96772851e2

    • SHA1

      5a155749ae4a462778bc0de9571729ca2190fbd1

    • SHA256

      ab9b2ab84fd22f3bdb4f19e72b13a0d44709bf3669420a99f4dab39758f9431f

    • SHA512

      b112316d9bc44c46e6e3f357bf3f5b47f28cc2f0d4fa0145917d02001678689fafe28b72a9add7c05e6be2ac4d969f72cea4b2cd82907b03de1fcdc75e0678f0

    • SSDEEP

      196608:jHg2lhanJrVg5iyGrDaHt4taj/V4KQ2ZYc1TWcv8+/d0Y+UfvHYuqlY8KdKHCwZa:jAY2+0Xat40jI2XZl0AXYuqydC4

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      0a4scandoc.exe

    • Size

      17.0MB

    • MD5

      c5d283a74907d1412156895127aa5224

    • SHA1

      4bbc9e531de97c260dc903aab71777ee132b6fe0

    • SHA256

      c81a5047622abb1e31710776528bf84c69db3302e03dc54ea737b6c4096955db

    • SHA512

      5358265f5d830bdee8f62f96d3b300f4f3172efeae805ea25368b62aec7b70c470ac8aa16a29b4c1d7a9ceacf2adf08ff17a365f4d0715f3403a978740f4b47c

    • SSDEEP

      98304:5yVrgKLz2unHNWUc10CNuazXsLhAZteYCcZDmtzavCnkjGmtBPVbd:8gKnzW08XKetDCCmCCnk/tBtbd

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

    • Target

      7z.dll

    • Size

      1.1MB

    • MD5

      8915c81b1da3f8e9ac6d9cb7f9b7c105

    • SHA1

      4f9f117eab2e75df3c2cd85bbad307d58990657d

    • SHA256

      92f6e97c9177361ee5425826585e6e4470052a36bb4e0d0e8667e83b41652c2f

    • SHA512

      8f4440fc3028a16f76deee8b14bab3e973bc4e66e9cefa0fb862d3c010465ae0d1d1a592b6f97d18f4fa123379d85d6c15081f67a8383eb19d96fb84771fdbb7

    • SSDEEP

      24576:0z+JvxNkWnteez2uuj6FKpCdouNOkiTONXrnl+A4wrvL4/kUjhB9:06JvbrnFz2uuj6FKpHuzXrn8A9zLIkUx

    Score
    3/10
    • Target

      AppointmentApis.dll

    • Size

      763KB

    • MD5

      455bf9db1f38409648f3f4fb37210b4a

    • SHA1

      da92e26384d19255706182110345b680255a3374

    • SHA256

      6858b0b0ee9748a117534fc21d2c1a36f639b77b3147acc8d1db3887de62dc9f

    • SHA512

      5cf58cd8652396768adad8ea09c030e3e5f12ee4b6de34ed92984d3d61c59ff0877b15d6adb9fb97518b0566c64d4d868719c50e20a1c2a9e7bb9a72ecdeb49f

    • SSDEEP

      12288:Xy+Q5bc1p8PsNt2ciV1dv7L5HCEZ2GUPF6SCo0ZD42sMhlwKNCmyLdN2pgDNJGNv:Xy+0o1p8PsNt2ci3dv7L5iKDQDDNTtF

    Score
    1/10
    • Target

      Microsoft.PowerShell.Commands.Utility.dll

    • Size

      6.5MB

    • MD5

      eb6209a124803edff07b71a934aae4be

    • SHA1

      16afba5e6e4c25635b4652e3b2fb6318b53e0871

    • SHA256

      41f55aa4c3badd4da020358bbc649c2e12db0791550e094a34eb6d45faeb835d

    • SHA512

      5d32d602dd84c8a6e89e1f466cebd894ce7bc10e28f43711474001ad4901f5e936cefe8866d6347a9d537c6361adb7df519d8cd00c08cae14f5da5d7bb5ad051

    • SSDEEP

      24576:hr5YtCYOqXj1flD2hfBMpAT1top2FEKkICjp2FkKkIQjNG:hVYOqXj1flD3pANEUkA

    Score
    1/10
    • Target

      WINSSNAP.DLL

    • Size

      748KB

    • MD5

      82c86fb58237681ef19d165f923065ff

    • SHA1

      77f89fd6218e368ed35ad6cbca3e9d048dbad60a

    • SHA256

      3e2f255b86578852489460bbbc5ec1bb0e6cec61ccb0e0d0e643381631850b60

    • SHA512

      ac50252f46484cd639546834e3ae1cdd821217ea48d645a52407707dfacd2fe7b869d9a43e89082c76391e34cfc1f28a930f4c124f0f32872bb01f4e39a8bc8d

    • SSDEEP

      12288:6uyR2YMeXRprkNlhydJR3KJj7UihpoYINxG8LMlwCskKozXO6WPWTW:Ghpu/6b6hA4Iqq6WPWTW

    Score
    1/10
    • Target

      appraiser.dll

    • Size

      1.9MB

    • MD5

      e3018a6a909084bf19168e20a0bc0a21

    • SHA1

      fdbcd043368737298ba18d8a6373ac22f0359c1e

    • SHA256

      6e42452574b556821d273b78b6461a31c7c3ad4110d0f73d1e5545998ba61f74

    • SHA512

      73803bf19fa8cc3f0130e90ae5376104962d568547a12286da5de9ceaeb7d1bafcf4b6cc2ac2d4d4b26ce5e23ca435ab3c787232e222d3cbef17f803ce265a1f

    • SSDEEP

      24576:K1S3ooDUqTSYon32NhHDfrBu1WWJCyFBwdnMNIRAGshRe:Kc3AISjmNhnQI6BwdnQIRAG9

    Score
    1/10
    • Target

      msvcr100.dll

    • Size

      750KB

    • MD5

      2b92a88e329f4845d31941967a3baa90

    • SHA1

      bbf341e7ed9947de0b5d84d93ca0bc4c8beb5500

    • SHA256

      649a7ab8e3b5c0940812e40eafc8f004979bb48bfc8f4bc7db9f2cbcdd715344

    • SHA512

      b94862e3f516402317a5467c6e0ff3dd23a967d90dae87dec1687157e43978c2d73c24fee71b4febeada54bb433ea4fcd16568d02fde1c4f9f50f6d7ba02408a

    • SSDEEP

      12288:dmCy3GUj/QGrB4F+FVW1rWNivf9JNxpEtwIy2i3Hlr0n1:dmCy3LQA4F8U1rWNivf9hpEam1

    Score
    3/10
    • Target

      wlanpref.dll

    • Size

      761KB

    • MD5

      f4565a6b8c00030593d97f0b0f81c976

    • SHA1

      64f458130ff95253317f37f500978eefd9cadfde

    • SHA256

      190536922fb9cd91b778011811260c67c0b24fcd84f5ea7487557ae6729b3cc6

    • SHA512

      79bfadc865b3dc8295987f3cabbedc836c4aedbfcfab9f798b71933d0e4105bd2b043fab16e787167147990f2e18ece642caccacda95ad5fa67059dcd33b1fe8

    • SSDEEP

      12288:DnbMJ3P4SJL0tiB1gaCz47/4CD/Qtn47/4C9mCHDd:L5G4icuIOf

    Score
    1/10
    • Target

      wxmsw32u_xrc_gcc_custom.dll

    • Size

      728KB

    • MD5

      923e97f86b22abcb602f6ab16d2b0293

    • SHA1

      b14cd14ce8b2c4cd2fe29395679210ba662cd26e

    • SHA256

      95e36f082ac1bd2ee75c7c3d7371c8332cd5f36b3af0e4146689ee8790e7f244

    • SHA512

      d4ddbaaccb26c2e531437b16162489fa0690ab704d711dc3fb99746835cac12f5289eab1d099582acd2d333f8c1a85f096002f0ea10713311b43c38598fea21e

    • SSDEEP

      12288:tdsnZCtwZgmLZDUY8D4110i0GKpPYds5lrc30aSAJGXucjGsywTl:tdGC3w9UY8W0FpPY+lrc30aSAJGXucjT

    Score
    1/10

MITRE ATT&CK Enterprise v15