Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d07b60405395929fa6cc003b858c2f37.bin

  • Size

    1.3MB

  • Sample

    250107-b6xk5axrgz

  • MD5

    139bd8d4a60c75ca0235805ce8921632

  • SHA1

    199f3b55e7d5635f0964acd86f1fb4779093b5e1

  • SHA256

    aaf7456e23ebdd5e4dec01fc511a18d25971465d468e8c30c1df323111cf6818

  • SHA512

    bf1c61f2f8d2f3d8ae0dfa095f16edc1e2a2219e1db7eb98807c16a7ee89bb11d7a483b913133a03aaafa7581775c1aad02b1df6a5e7e5aac374a46873afc345

  • SSDEEP

    24576:J/N4noeVpZWXtfMEIAA+JqttGGGDpZQyxig4d/WgyQqw9q95Z:41WdkuA+JmtGGuQ8DhgBqw9q7Z

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

    • Target

      2254c1261c9c6aa2dd777a2ebf9cc28e634f1f6249f4c352b0451ef9f6406ff1.exe

    • Size

      70.0MB

    • MD5

      d07b60405395929fa6cc003b858c2f37

    • SHA1

      c1a890e84c98de3f8e330c78c534cf434b677a97

    • SHA256

      2254c1261c9c6aa2dd777a2ebf9cc28e634f1f6249f4c352b0451ef9f6406ff1

    • SHA512

      d6f0ba6d9bebfeca0c3e30361d30ea84120423491236687af277d7d1bb68affaea202eafada86384282329c9cd37bc9e6f87a4ac9ef981478a4aaaff66a0097c

    • SSDEEP

      24576:3iDV9lNv94RgIN8KCABMAAgSfFnhk0+H3epbMwsIF2r1Sxvf:OlNv9eg9QOAIfFnhk0o3VIUr1m

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks