Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06-12-2024 06:03
General
-
Target
lummastealer/Data/Media/moveline.pdf
-
Size
28KB
-
MD5
4c3353b3ec2fd9156cc61a9c19a7de98
-
SHA1
ccecc3c74551f900679ea51ca146df10ff299057
-
SHA256
352d609b3be9a7e3ccc2c19b872bc1b34d2de33d3831ad57aaa5a198b46b137e
-
SHA512
6c81f1360e0347173279215bd3433f917b4d67a4a232e3285b28ce19cdd67f94c658ac1951706a11a1eb2bd72f7873458c824dcfc13d8abca181fba52590b36c
-
SSDEEP
768:lYQs1hINMceFqi6hrPwG50tITP3k5TJhLsmGt/kSFiC:xmqN9lkITqJZsmwVd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\lummastealer\Data\Media\moveline.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bb6e4ad7a4fadfd9ea7fde3e25ea69a2
SHA12db16b723e170d008c76be1de51bc7ad92f74e69
SHA256b1db43941fdb477f1b2ea99910cb339237f00f39f155f525fd77a3fe9aa60ac6
SHA5125a6f4ba7019071d13790041989bd22d3aa835fbfb37e75047d59b2b7dcd72b96476791e3b29345362f29ae76c4ecef1a1f3bc3bd971122dced5901fdb4e463ed