Overview

overview

10

Static

static

3

OPTIX/OPTIX.exe

windows7-x64

10

OPTIX/OPTIX.exe

windows10-2004-x64

10

OPTIX/Pres...ts.dll

windows7-x64

1

OPTIX/Pres...ts.dll

windows10-2004-x64

1

OPTIX/WinDivert.dll

windows7-x64

1

OPTIX/WinDivert.dll

windows10-2004-x64

1

OPTIX/WinDivert64.dll

windows7-x64

1

OPTIX/WinDivert64.dll

windows10-2004-x64

1

OPTIX/avcodec-85.dll

windows7-x64

1

OPTIX/avcodec-85.dll

windows10-2004-x64

1

OPTIX/cygwin1.dll

windows7-x64

1

OPTIX/cygwin1.dll

windows10-2004-x64

1

OPTIX/meta...on.dll

windows7-x64

1

OPTIX/meta...on.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OPTIX.rar

  • Size

    543KB

  • Sample

    241230-sk15vs1jay

  • MD5

    5690aaf3e495432b29ddb2ca7ecd368b

  • SHA1

    dd11dd33d85ac568a41ccd96e979ec2daaec2d2a

  • SHA256

    5458c99c362d2a5eb6e9e71a418890fed6fc866843531ff698df750652e897fa

  • SHA512

    8171733d5c8412a940afea01fd41e90d1b68618f0ff6f6375d9b29f002f6c2429be3863cc0798469c8ee47ab1001d4791be21dee1bd73b6b36ee0f69756a6a48

  • SSDEEP

    12288:lk2Wl5pXwjFZ+dr9iYBO1pBBWxbKMiPQPNiqA/JBrBvRcPGZsKY5jn:l7epgBZ+octxbBiIPNpcjrBvRB6V

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

    • Target

      OPTIX/OPTIX.exe

    • Size

      882KB

    • MD5

      3154e1ae9d0059bc7d0d995a6ea6cf64

    • SHA1

      2234f0883875fa2f7367aba0d544df7e773e0c02

    • SHA256

      da7a502140453ea8d1b23927bfe0f5bf6294929dd2ac246b19684b14d0662bec

    • SHA512

      bd28a836c83b94430ef4f01bb55cfd753a6b53e211080f0f8b37ab290764e275e110c581e6250e9dffb759b5ba953d1e42864bbd9457f8057c717bda6b22175d

    • SSDEEP

      12288:0GE8EbcUST4r48WQuODTAFKHMRTvrTOODTAFKHMRTvrTr:0GEZcUhkBQf0FKsRTjT/0FKsRTjTr

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      OPTIX/PresetEffects.xml

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral3behavioral4

    • Target

      OPTIX/WinDivert.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral5behavioral6

    • Target

      OPTIX/WinDivert64.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral7behavioral8

    • Target

      OPTIX/avcodec-85.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral10behavioral9

    • Target

      OPTIX/cygwin1.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral11behavioral12

    • Target

      OPTIX/metadatacache_paths_definition.xml

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks