General

  • Target

    VQP.exe

  • Size

    274KB

  • Sample

    240914-l5d3haygpb

  • MD5

    833b444535c4be981bcb71f49d65de67

  • SHA1

    e4a091f6468eef250cc33bb61b48e447ed289332

  • SHA256

    016eee3b240904666ffd8dc7493193f8c39610d3b326e09085b72b4664175008

  • SHA512

    b59631f6a9e1da3e5a20df02dfbfc58a0e27ddf29d2639358e31c21017dafeb6a8b947ba65f68faec399bf574490c83918314c548c7ebcd9862c3e68dadff3c9

  • SSDEEP

    6144:PqwQ3ast51XU/6Z63HTpw7MjKYRxZxijVQyGywzMfVdJk5:CFfZZ6XTpwIjNxijWzywIJk5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://partyyeisdo.shop/api

https://interactiedovspm.shop/api

https://charecteristicdxp.shop/api

Targets

    • Target

      VQP.exe

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15