General

  • Target

    McAfee.exe.zip

  • Size

    31.9MB

  • Sample

    241122-gla5aa1ndr

  • MD5

    4f8033a44af983761188b915926fb21b

  • SHA1

    25e5847d42408a2d42ae34e026e01e98da21bdca

  • SHA256

    a296f9485d780b55e49b080d12f5eb2ccdc4046ba6c2ea7cce85cda84970bca4

  • SHA512

    df16a702f16e9d6ca4a3c92623b4b3db52601e350eeedf775293b888dbefa5e8df9ed2536ec6e80b8e166e12a608118d2ff5a103220756209babedddebafdfcd

  • SSDEEP

    786432:5BmLosVEhktH9aMRBozd0QMRBoKyctwcSkjEpiMiSKa96qDLoDZ:psVEhEBlB7ylRHCCoDZ

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://carrtychaintnyw.shop/api

https://quotamkdsdqo.shop/api

https://milldymarskwom.shop/api

https://metallygaricwo.shop/api

https://opponnentduei.shop/api

https://puredoffustow.shop/api

https://achievenmtynwjq.shop/api

https://chickerkuso.shop/api

https://pilotyiess.shop/api

Targets

    • Target

      Setup.exe

    • Size

      4.0MB

    • MD5

      95387cc85dacad60b3e10665b43602e6

    • SHA1

      d9aafd45fe3ad10d28716d6289fe76b4fdce1869

    • SHA256

      3c317dbab70d3ab4fce944c92532d111f69fd71dca5c7f7c7b8d57e657f26a1a

    • SHA512

      82cb0983739a76d15beacbc50f1bf7fa5cca1650b18444c204a3e6a6656aaba5ac94341fa394aaad78b3ff2d51f17c6623f0a882692881d6506af5dae544a02b

    • SSDEEP

      98304:ad/+HMxTNPx8kwh+Pfddfe/nxmu5QK1V7Z:Y2H2TNPx8kwhWddfImqQI/

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

    • Target

      datastate.dll

    • Size

      75KB

    • MD5

      28f0ccf746f952f94ff434ca989b7814

    • SHA1

      506e85d2de6377492d90b98aa20663b0ff3ce32a

    • SHA256

      6010e2147a0f51a7bfa2f942a5a9eaad9a294f463f717963b486ed3f53d305c2

    • SHA512

      b74ebb9a12079caf7bc074bb977ee94dc6ffcae845c1120026f384953fe2499d4bb0cdb7b6dcb2ff7f37e8135db06048815cc13d1837235eb11fe86e3c4572ee

    • SSDEEP

      768:BdPmXHrMcRkZrVlqE6BI6TalNPzrrSRTy3IXGX8prYXDRMMUKkVp4VdEhahE:r+XrMzriE6BorrJIXJpCRM7fVp4c

    Score
    3/10
    • Target

      madbasic_.bpl

    • Size

      209KB

    • MD5

      dc6655a38ffdc3c349f13828fc8ec36e

    • SHA1

      95db71ef7bff8c16ce955c760292bad9f09bb06d

    • SHA256

      16126ff5daa3787a159cf4a39aa040b8050ebb66ab90dbb97c503110ef72824a

    • SHA512

      84b85f2aaad773cbe039022db3d0c35263343243f0d021d7aa3086904b80dd309e6d2a93613cc774b5db27335f4d2850151e2bc8f4648b0065f66bd3722c3d69

    • SSDEEP

      6144:wN/kSQxE6qeM/k4qTl5L5e5+53WCG1CbF/Frf1:PqeM/k4qR5L5e5+53WulZ1

    Score
    3/10
    • Target

      maddisAsm_.bpl

    • Size

      61KB

    • MD5

      84bc072f8ea30746f0982afbda3c638f

    • SHA1

      f39343933ff3fc7934814d6d3b7b098bc92540a0

    • SHA256

      52019f47f96ca868fa4e747c3b99cba1b7aa57317bf8ebf9fcbf09aa576fe006

    • SHA512

      6e7648194738e8e49e48c2450eef1d482473cd4e5c0e83f292ac9174488f3f22a3b6ba96f07e024c2ab96613d9db1a97084ca0b3973ed5d88502e0d28e120ef5

    • SSDEEP

      768:RhaUyLDjc8SqMhnJ/zq0siFsjB5mYdWtC16+C+024bQJu0D3BIBo1w4Kv57dbhrC:RNy3eqMne0sXB0IWtCLwEJhY0w1SD

    Score
    3/10
    • Target

      madexcept_.bpl

    • Size

      419KB

    • MD5

      38138d69a1a262e0bb2e4f6081ddee22

    • SHA1

      bcf12a2e0c2cb5c81829e0901b3cc00144d20cec

    • SHA256

      a4d63cdefbc75ae2d2f8146c1af57ae1792afbe488c64f634737c29283a1156f

    • SHA512

      ba3112e129f8249dadef5d9582e5e2f16de7e3c6aa35d11d84ad9f666563c0eeb6396e46adc148d3424c6af6264565a2a2f2803f5105c662ee9da9e68f02ddd7

    • SSDEEP

      6144:elA649EKhEV30F8sl88nTjQ4Q50gEcW/jd+o72niVUNRa48n2:elP4ut30F8slzYlQcW/jd++2nJPe2

    Score
    3/10
    • Target

      pdf2bmp.dll

    • Size

      278KB

    • MD5

      f65c3b116281fd23e5748ad73e9501cf

    • SHA1

      ebda8a741833c4fcbfcb72591a7c173d69a01ebd

    • SHA256

      eb48e0e36be7b0a89a0b8cc129a3b004a8525e5f60445e5ca48a7810d9d93725

    • SHA512

      78ec4ade61c6abf87283d5858ffe119e10d119bcaa2c678d20cb7d45bb1d244a9aaf70b50ab365509b615e7323081292bae156d665a471990863c83a8b233cbc

    • SSDEEP

      6144:Fy21Cp1pVexu7mAdMyQ69cu2hk8vZM4ie:Fy2Ap1feEPQ6Z2fMFe

    Score
    3/10
    • Target

      pdfium.dll

    • Size

      4.3MB

    • MD5

      65a63bd3e6c4ce54299bf494582304f3

    • SHA1

      e6f63f69388dd5a3cda90403711b78fe5c667981

    • SHA256

      5b8d7269ed5ca414208ff017f52ee65f14d4d8a707a39a7dc3f9879c0c0ce335

    • SHA512

      f8ff930aa55222478967b7865465c3f75138b9ff172fdcc1aab47a0172641c5a790e73b5d98bf47fc772002437ad2153846dec626e020408c8d6daee0c630b59

    • SSDEEP

      98304:2RxHLI9xEoQRTlaVA+5xfMMHG0kOJuJrCpxPa0wwnYCICsAV:YpTcAsEsuyPahCICsA

    Score
    3/10
    • Target

      rtl120.bpl

    • Size

      1.1MB

    • MD5

      630991830afe0b969bd0995e697ab16e

    • SHA1

      feda243d83fba15b23d654513dc1f0d70787ba18

    • SHA256

      b1fcb0339b9ef4860bb1ed1e5ba0e148321be64696af64f3b1643d1311028cb3

    • SHA512

      2f2bf30be615f44e56ecca972a9fcbe27187045e13c468d039645e5cc6d01f990cde32b322965f245bc8fccfd0920f09a0afa1d4de0748ed01dd9ffc1bd24692

    • SSDEEP

      24576:ebhz5FWbA1msvIRzM7Rk5JZzSQ4+Is2D9Tx0gbo5:l2hTKgbo5

    Score
    3/10
    • Target

      vcl120.bpl

    • Size

      1.9MB

    • MD5

      849070ebd34cbaedc525599d6c3f8914

    • SHA1

      b0543d13f4d0cb787abdaaf1d3c9a5af17c87afa

    • SHA256

      b6f321a48812dc922b26953020c9a60949ec429a921033cfaf1e9f7d088ee628

    • SHA512

      f2ca685b01be9d1b77d8d924e0097ddacee7628cc1aad8a87d8b18a699558d38a7851e6cff8bb2b8ae1980824588af5c3ac75b7b4198b620144dff61611f3aeb

    • SSDEEP

      24576:L2gt8PRUMggrgN/5tWw+eNVEXZB5SOCwhuuYY8RPyS9YEPI5yz6T:LRSf0Ww+NpPSyzYY8c8YEPI4+T

    Score
    3/10
    • Target

      vclx120.bpl

    • Size

      220KB

    • MD5

      7daa2b7fe529b45101a399b5ebf0a416

    • SHA1

      fd73f3561d0cebe341a6c380681fb08841fa5ce6

    • SHA256

      2bdf023c439010ce0a786ec75d943a80a8f01363712bbf69afc29d3e2b5306ed

    • SHA512

      8e9ec71943c412fe95563e488d91e6ef0041c16a08654ff14b11953f134007657d1e6ec95952f6b9c8b8567a35368840618db06e5cd99abc43ae495a3fbc6b96

    • SSDEEP

      3072:F4af8kXL6nX0YXjvkWQ5vYhbNkWPFOEJ8YZbjeTl0Y25zFgYBzRKy6sB65avEtAt:Oaf8kLWL7Xov8bNxdOmrfgYmHA6I

    Score
    3/10
    • Target

      x64/Templates/TemplateCorreoCliente.htm

    • Size

      2KB

    • MD5

      ce4c1f3ba9e690c4119e8ed39aa8eb78

    • SHA1

      dc2da00c92b51431c01c5e598de4665c9989e856

    • SHA256

      e17621dc67919e53a0d1be6a03fa0d97f01c8932f8d8912d556327e620310432

    • SHA512

      daf95e6329b060fe230096fc7a594cf0a13801e2dcf9869affa5530a2d03bf6c0dd2d9340be5c312b82d41dad48057f86811a23b23fba93b0dc9a478986ac4ef

    Score
    3/10
    • Target

      x64/plugins/MahApps.Metro.IconPacks.BootstrapIcons.dll

    • Size

      2.1MB

    • MD5

      8a999c6c4b38e3afef0b54cbd84180c6

    • SHA1

      991b865b6dca9ead7d47dfb22faf584fea276044

    • SHA256

      73e67b8a6607064c314b0a5d72def055ae0599beae1e7073d7a10626543d7fd0

    • SHA512

      030fcb028335a62ea7c05053835c09016643bc2a941537a7a3dd97913cbc7f6c501e6ad3fb24fda4064d5ed08ed59702d911d7c9aa3f840e12e6db843464236d

    • SSDEEP

      6144:CTuzE29sK1y7RQNsMse5AV54EFdxtkYVBQoahtxDfzjADAW4vBM9jd2e+pT9IaRr:4uzEBA

    Score
    1/10
    • Target

      x64/plugins/MahApps.Metro.IconPacks.BoxIcons.dll

    • Size

      2.0MB

    • MD5

      c01837735db98ade25e996c8fec33bf6

    • SHA1

      626cc39c077942f70b72795e999a14d8729a7298

    • SHA256

      7b28873c6b729262f6f02ff2da46ca4aeaebcf3799eabd460bfbbf4a0fcf01ca

    • SHA512

      6bce692e3bc1304b518a9b47244af4e689ab81362906c3cebf732db0eced533bbf5c9f3a779614f6b258e087b7cbe762a37a68373b4749f7c30ec330984a6f05

    • SSDEEP

      12288:NbuZ0HSkOZo/IMCPY3sgUVhv9Rhz4iamcXw9320uVBi0KwxWjYyF:o

    Score
    1/10
    • Target

      x64/plugins/MahApps.Metro.IconPacks.Codicons.dll

    • Size

      559KB

    • MD5

      7f92130abd27092c78a3e075334bb75e

    • SHA1

      14f0cf7594d998d35762e7ada89143601b222613

    • SHA256

      a22950cc45540743ac0feae232c4cffeb25baa54ac3604765907e849ddad25ec

    • SHA512

      68e23a47a5700dd84ab6b602842d723056cc26db12a7d70336da4c5ee0372cd95883da7232a2527fea21669f82fc1a44afb647b6bf25084dd78174e25ed724f0

    • SSDEEP

      6144:2tdYnKgBzqqrTzWBzqqrUzQ7M1L1MyzpmeJ4O:26O

    Score
    1/10
    • Target

      x64/plugins/MahApps.Metro.IconPacks.Coolicons.dll

    • Size

      451KB

    • MD5

      14f3f599e7a67c95d779820dba5a9fff

    • SHA1

      b88ea6caa09ecf11d2e6dbae039ab0734a823345

    • SHA256

      213956439f1d224be2f78ae9a345e2c02902750cd83a4a0439234afe801e75e5

    • SHA512

      e295ab8f8d90208f6a41320868d73a225a12bedc15591f2a19103a659fb437016ebded0c8fd62c61db3a8dadaafb07565cb76a51fd4113acd20cd568e36807a2

    • SSDEEP

      6144:Psu6HHHYtONor0Gw90Lx5FkbrawYhhGqlQz08aWFe/HD6TYm5oE3e3FsPgiu9g3z:P1774BfdWECoBmW

    Score
    1/10
    • Target

      x64/plugins/MahApps.Metro.IconPacks.Core.dll

    • Size

      19KB

    • MD5

      b705c478c096ef8ea4fc0738d52d1c84

    • SHA1

      44ec80a1259df99ac06cc342b03ca0fb9db22faf

    • SHA256

      b6156814d7014a38587991b19eec9228439bc0b2558cfa9bedb4e72ac611fccb

    • SHA512

      f212cde6c87920b3ee6e588c473987646c3f6ddca4b2122dd876ff61815dc7dccbbcb469024fd50cb0f3e1829643859e3eec4c8a91442056624c6f5922344b35

    • SSDEEP

      384:feCnIM4AZxFYzXKZHqwAodV5rroIYJFzcQ8tFq3qs6jUasojg4APsTTlj5a6wIYU:feu4RIDfov4bFyUjUnWsKGVD6

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

lumma, discovery, stealer
Score
10/10

behavioral2

lumma, discovery, stealer
Score
10/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10