General

  • Target

    R B X E 5 5.rar

  • Size

    9.6MB

  • Sample

    241030-1rw4gs1jat

  • MD5

    50dd95ec63a6fafa6875bb801fa5c44c

  • SHA1

    6bcc99390faa5b1109c26714a2ddb45ab8045ada

  • SHA256

    1f47eb23ca22fb41a78d93253fd5bfd1229d1c3c9fcc282d24dd5242b2bae386

  • SHA512

    665fe6c41da9a60ca3581f2734933e33d6eca892275b83f6e5c20afe2322d3f027f62df48ea546dd430d9779a6eb8cf5fbd22fc21c616bcc1f57ea79d4d8ba8e

  • SSDEEP

    196608:wSns9uhSNKavGluGVyXWBYvzYi2ZtMp0oDMDqi1hKm3bMQV:5c2I02vzYBQp9wZWm3bPV

Malware Config

Extracted

Family

lumma

C2

https://goalyfeastz.site/api

https://contemteny.site/api

https://dilemmadu.site/api

https://authorisev.site/api

Targets

    • Target

      R B X E 5 5/Client.config

    • Size

      33.0MB

    • MD5

      157bca5bfbab154797fbbe947946084f

    • SHA1

      280096391abd2ea592198d205b6e44cdd2408121

    • SHA256

      f9aae2ca83d60ae3a6e443d23c91672cda766f73003e4f3f0f99eec1f336d946

    • SHA512

      5fbbaa59d4425779ecae554372a476414a60b70fe190ca408a0505b13064866d1576e6409e657d2933cd5922a053aacdf7c01b457b3385476dabfe1c46b5c1da

    • SSDEEP

      786432:BeCve2OlHAoFfgrh96BKMZvBx9ImCrWFi6:BejjlHAopI9xABx9ErWFi6

    • Score

      3/10

    • Target

      R B X E 5 5/Xeno Executor.exe

    • Size

      297KB

    • MD5

      221f2eb5bd8fca181e20949155b248f9

    • SHA1

      8c92408ccbd98d3b052a11104f887d7667f27c02

    • SHA256

      10ae35a1c778cd0aecf248d15eef65fbc4888e6c6c34a15752341c35c0406f26

    • SHA512

      5aa4f77396c4563423a875d16ccaccbf4687d3ad58df5d348ead2fac84c20d101add2134f0a5f6527facacca3fa5c033f7c58a057d93879c422bd831a95b8fcb

    • SSDEEP

      6144:pmt1sl0HI96EKlgJUTO12PLZ0y7FpC4FWoR0CSFl/klp2zf:UWlTKlCUTO12jZ37TC4FWtxklp2zf

    • Score

      10/10

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks