Resubmissions

03/01/2025, 21:12 UTC

250103-z2cl6atlfy 10

03/01/2025, 20:40 UTC

250103-zgabassmaw 10

03/01/2025, 20:37 UTC

250103-zelljsvndk 10

03/01/2025, 19:29 UTC

250103-x7cg8sslen 10

General

  • Target

    14bc1edbb127c33a2a10758ea83d607a3cc26f34082713f9497aa6ebd7f51ed0N.exe

  • Size

    1.1MB

  • Sample

    250103-x7cg8sslen

  • MD5

    79972f296cb418a20b17d2440850d790

  • SHA1

    3a096f7084a15176a30bb69126468059846c30ed

  • SHA256

    14bc1edbb127c33a2a10758ea83d607a3cc26f34082713f9497aa6ebd7f51ed0

  • SHA512

    9d0632eeb7c6907b70fe2dce984b20b0e83c1c4c9b0a2cc17c01f7b2be53171c5beb5c9fb5994ba51ebd2e83d3d8579e732535097b85681a3305914c3d89d38e

  • SSDEEP

    24576:Rz/BfKdNZHQMtptCohxX+8Fn90yIJKQ0lTF0D3+kyOdsa1:hZE/HQM4ohxXz95IJKlJ0ypOdR

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

    • Target

      14bc1edbb127c33a2a10758ea83d607a3cc26f34082713f9497aa6ebd7f51ed0N.exe

    • Size

      1.1MB

    • MD5

      79972f296cb418a20b17d2440850d790

    • SHA1

      3a096f7084a15176a30bb69126468059846c30ed

    • SHA256

      14bc1edbb127c33a2a10758ea83d607a3cc26f34082713f9497aa6ebd7f51ed0

    • SHA512

      9d0632eeb7c6907b70fe2dce984b20b0e83c1c4c9b0a2cc17c01f7b2be53171c5beb5c9fb5994ba51ebd2e83d3d8579e732535097b85681a3305914c3d89d38e

    • SSDEEP

      24576:Rz/BfKdNZHQMtptCohxX+8Fn90yIJKQ0lTF0D3+kyOdsa1:hZE/HQM4ohxXz95IJKlJ0ypOdR

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
