Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
06-12-2024 06:03
General
-
Target
lummastealer/Data/Media/R-admin.pdf
-
Size
649KB
-
MD5
04a7d083b6bd70dcd87053b89c9984b0
-
SHA1
b2758b76c12c7652ee5af25e8bffd69e4d1076f9
-
SHA256
ab8af3e5103ce93abd1d2edafa6da16dfbe2bc8f850da5d013394ccabea8d9be
-
SHA512
66b1dc76dd2a36184b6d84fafc7d2dcb2f4f285861e331e1047a8257f8f547265ba6d2980c079e85fc8e45a67d16129b48ec62d4b56a28157b8e3e08fb0012a4
-
SSDEEP
12288:wWNz973x51JdzGakA6xfMmyJKHA+fmoiRCSqc/7C6:wU97B/LCO6pMwHdmRRChc/G6
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\lummastealer\Data\Media\R-admin.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD531727ba85a172072ef2e442a09e81ce6
SHA1a8870edf76a8b98b373a311743620b6357bc829c
SHA256236078618ab560dd44e0cda20e196b6e72f6b3146353ba52df849b81656792b1
SHA512e554160f369f7b66fa824d401f2266e22f1d53d10a794b6d8a545758b25d13d5ebf3ce841248265dfe26a8b0a65347ee6a4c02dcc5ebb2eead0244675a755d82