General

  • Target: 2024-10-01_fa22c3cf6cf2a03cd63cc025748a8f06_poet-rat_snatch
  • Size: 10.7MB
  • Sample: 241001-jdtmrssajg
  • MD5: fa22c3cf6cf2a03cd63cc025748a8f06
  • SHA1: b491d73bd337f9edf57d8ee7989853b5cc712e7f
  • SHA256: 94cd9326bb30647335c0f79ea3ba0fed18ab2a4cac49098a8142d54802cff482
  • SHA512: 1343b5cafdd8af21436eb6529ca26d1623e5a97247938cc962533473ae881e6ffab2505d23f0ed25f5fd1469f7ec8e1618868ec44543db5cac86a44d45eebdf7
  • SSDEEP: 98304:zJ/Z0xT9+tW11p1zQDZezqJswiJ509jTjqhz:5a1c9PJhiQTqJ

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:


Extracted

  • Family: lumma
  • C2: https://offeviablwke.site/api

Targets

    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++, first seen in August 2022.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15