Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    871de398ab9f199d5598614eb6701caa8b39d36fd004c2b71136ec23d3fe511d.exe

  • Size

    538KB

  • Sample

    241009-rsgkra1eme

  • MD5

    19859492f0c526037ef83af7cc53e51a

  • SHA1

    27f8974e82a871d69f7bb7092154affed04f8569

  • SHA256

    871de398ab9f199d5598614eb6701caa8b39d36fd004c2b71136ec23d3fe511d

  • SHA512

    f2d93536c3155e06bed610d4dee328def1e9c339de324f23aa7c5e7e2e7a9544d553a09183d414bcd3f899a7890e7474f4eb2c64a5e6f5a7111f97e9248de35d

  • SSDEEP

    12288:1a8AljUKb0BQlNULkEJ1GHjvG0CscodaFJ0gcMaB4S:1AjUY/1E/mrGesAg3aC

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://clearancek.site

https://licendfilteo.site

https://spirittunek.store

https://bathdoomgaz.store

https://studennotediw.store

https://dissapoiznw.store

https://eaglepawnoy.store

https://mobbipenju.store

https://trustterwowqm.shop/api

Targets

    • Target

      871de398ab9f199d5598614eb6701caa8b39d36fd004c2b71136ec23d3fe511d.exe

    • Size

      538KB

    • MD5

      19859492f0c526037ef83af7cc53e51a

    • SHA1

      27f8974e82a871d69f7bb7092154affed04f8569

    • SHA256

      871de398ab9f199d5598614eb6701caa8b39d36fd004c2b71136ec23d3fe511d

    • SHA512

      f2d93536c3155e06bed610d4dee328def1e9c339de324f23aa7c5e7e2e7a9544d553a09183d414bcd3f899a7890e7474f4eb2c64a5e6f5a7111f97e9248de35d

    • SSDEEP

      12288:1a8AljUKb0BQlNULkEJ1GHjvG0CscodaFJ0gcMaB4S:1AjUY/1E/mrGesAg3aC

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks