Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    SecuriteInfo.com.Win32.Evo-gen.11764.10915.exe

  • Size

    10.2MB

  • Sample

    241013-1arsfateml

  • MD5

    4f4e640b100583635e7d7218bc03a047

  • SHA1

    90fe08e4c8dd5fe7f5c6411529d8b41cef09746c

  • SHA256

    b68f20b21290f3398b67a6c4b645d5ea94aeaf8e3da4272554b0b8e03753d08c

  • SHA512

    772940dc7d6962f03d7cec23893b71408f69d8d4266f8d770164df012fea149cf21a3b1f67164ecacf938ed43c8bf3bb19966048e8a6056a739e7a9c4fe5b5ab

  • SSDEEP

    98304:HgHLafrLC6zJzuOpqjksAFAcp4EwH1dEo5byjV:agtJ8jk+cu1O4u

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://tryyudjasudqo.shop/api

https://eemmbryequo.shop/api

https://reggwardssdqw.shop/api

https://relaxatinownio.shop/api

https://tesecuuweqo.shop/api

https://tendencctywop.shop/api

https://licenseodqwmqn.shop/api

https://keennylrwmqlw.shop/api

Targets

    • Target

      SecuriteInfo.com.Win32.Evo-gen.11764.10915.exe

    • Size

      10.2MB

    • MD5

      4f4e640b100583635e7d7218bc03a047

    • SHA1

      90fe08e4c8dd5fe7f5c6411529d8b41cef09746c

    • SHA256

      b68f20b21290f3398b67a6c4b645d5ea94aeaf8e3da4272554b0b8e03753d08c

    • SHA512

      772940dc7d6962f03d7cec23893b71408f69d8d4266f8d770164df012fea149cf21a3b1f67164ecacf938ed43c8bf3bb19966048e8a6056a739e7a9c4fe5b5ab

    • SSDEEP

      98304:HgHLafrLC6zJzuOpqjksAFAcp4EwH1dEo5byjV:agtJ8jk+cu1O4u

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks