Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2024-10-12...ch.exe

windows7-x64

1

2024-10-12...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-12_ce9a68dc735510dddbd76989ae2adb76_poet-rat_snatch

  • Size

    12.6MB

  • Sample

    241012-y6cbhszbpd

  • MD5

    ce9a68dc735510dddbd76989ae2adb76

  • SHA1

    a10ee37a11940d27598db61018446b4b6ddd2b1c

  • SHA256

    3b9a545a879e311ca105cdb79c25e2aa262e6b7c97812959be677d994e5afce0

  • SHA512

    e7185d04fb76f52e4a8f877a606f84b5195048c903d64881c1e0aed8f4bc63fa7383e35879409d4f8d1f64174fd3c0f344a60210a5e97beb4c8a31e7fb8ffb34

  • SSDEEP

    196608:pnfHEFsISrhTJyU69zK2OGOOcg3RQb0jLNtTYz3:pfHE6IC/GOOc8QY/ET

Score
10/10
lummadiscoverypersistencestealer

Malware Config

Targets

    • Target

      2024-10-12_ce9a68dc735510dddbd76989ae2adb76_poet-rat_snatch

    • Size

      12.6MB

    • MD5

      ce9a68dc735510dddbd76989ae2adb76

    • SHA1

      a10ee37a11940d27598db61018446b4b6ddd2b1c

    • SHA256

      3b9a545a879e311ca105cdb79c25e2aa262e6b7c97812959be677d994e5afce0

    • SHA512

      e7185d04fb76f52e4a8f877a606f84b5195048c903d64881c1e0aed8f4bc63fa7383e35879409d4f8d1f64174fd3c0f344a60210a5e97beb4c8a31e7fb8ffb34

    • SSDEEP

      196608:pnfHEFsISrhTJyU69zK2OGOOcg3RQb0jLNtTYz3:pfHE6IC/GOOc8QY/ET

    Score
    10/10
    lummadiscoverypersistencestealer

    • Detect Lumma Stealer payload V2

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks