Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Salex.rar

windows11-21h2-x64

10

SalexLoader.exe

windows11-21h2-x64

1

antiban.dll

windows11-21h2-x64

3

config1.cfg

windows11-21h2-x64

3

config2.cfg

windows11-21h2-x64

3

engine.dll

windows11-21h2-x64

3

wincr.dll

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Salex.rar

  • Size

    489KB

  • Sample

    250115-fmey7atmbj

  • MD5

    35027836f30a27f95f89464f4002cf47

  • SHA1

    ad8b206ebd77787915928990042185318ed4d1cc

  • SHA256

    d820a2843c4dd04b3fb075d45c9f7953f90a97e87a97f934212f4ff74253cd4c

  • SHA512

    9c7bf22dfe29a628862d633931a3021433fe4fb2565ede170596a9ae47447230a8ecfd2d150f3dc0c602159227f9152f84ea80a7a3c5e12c134f12e16094fb4e

  • SSDEEP

    12288:nqeB8sdAaFgh4VUPLUwi9FYftVKwXZ8UK0BPWt29:nqfaFgyVmAwinYftVVXrdK29

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

    • Target

      Salex.rar

    • Size

      489KB

    • MD5

      35027836f30a27f95f89464f4002cf47

    • SHA1

      ad8b206ebd77787915928990042185318ed4d1cc

    • SHA256

      d820a2843c4dd04b3fb075d45c9f7953f90a97e87a97f934212f4ff74253cd4c

    • SHA512

      9c7bf22dfe29a628862d633931a3021433fe4fb2565ede170596a9ae47447230a8ecfd2d150f3dc0c602159227f9152f84ea80a7a3c5e12c134f12e16094fb4e

    • SSDEEP

      12288:nqeB8sdAaFgh4VUPLUwi9FYftVKwXZ8UK0BPWt29:nqfaFgyVmAwinYftVVXrdK29

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1

    • Target

      SalexLoader.exe

    • Size

      700.0MB

    • MD5

      8906c248a6a568a98fd137991edf993b

    • SHA1

      2a3bebb2e2e5c510a03769d3624ec62f86942b4e

    • SHA256

      6962d770fcd8edee1dc00ad9e5918fce3ef3aedbc2d938f242a09eb5abf67025

    • SHA512

      8d7d2551348039f009f846551166d93448e220fbae7b38588bee4682d1da96b0db4f9290eb56418ef6455923cd626dbef9ffbe0eeccbc7602b40ea2eed77613c

    • SSDEEP

      384:zmActkV8tbUqcO7jL/z9Nkjn7LhaUyviCWB:zyKOtbhNun7ldwWB

    Score
    1/10
    behavioral2

    • Target

      antiban.dll

    • Size

      279KB

    • MD5

      493e0b6ab748db93771272bd754491f3

    • SHA1

      febb8b1271d8619020078a1f6d74170c1d845c9c

    • SHA256

      e6faa707f8eb8d1ad465c3ef0b11224d55e7b2ca9c04240deec193dc2ad33999

    • SHA512

      5184ada1f3f25b1c987075fbbcbc90275f7a054d6e8700f0dd6d57e566e823a12d072f2bf72934f8d2d46bd46acf5156b719f42d4178683e637a411a64c5f747

    • SSDEEP

      6144:9lUZiPhyiSgnUSTTd9GlbbE0TrHnzh9UTBKK:gZiPhyiSgnUS3d9GlvRPnzh9UTQK

    Score
    3/10
    discovery
    behavioral3

    • Target

      config1.cfg

    • Size

      848B

    • MD5

      660f059de96ae650273eedf2e871e978

    • SHA1

      c4f150ba247f16612083a8f75eb7df7978f3ac47

    • SHA256

      b9ecd4cd9d045e6f6c446caf4d1bca1d150396bcfb71aa2cdbf8bce7303d60be

    • SHA512

      860ebcc81fe4b270f6789ac51ed54b35ab93e7a56fd70301108aa651bba6a38440a625f48f1ed9bda87d3e849fa024c52acc5ac5e71c2e9cd46fa0991be8f7b1

    Score
    3/10
    behavioral4

    • Target

      config2.cfg

    • Size

      18KB

    • MD5

      5fab28899d2ad58ca0a7385ecd292dc0

    • SHA1

      fbd8abcce4da8d078c73098d9c341785214b41c5

    • SHA256

      8b407622142e523ef950feb5899be35061d03ba93e84972d2c72a156eb69430e

    • SHA512

      1a0435c62a80839216ec1a88c131322fea81910104fd7f9bdc9edb9dbac6fce3928ba80d8d8a53b16e77405199a77c65836373b5d808e7a2266db41536623935

    • SSDEEP

      384:3BhwCLGneULPZnst1Bdm772dKWXhTiY6UomW+zGWX8uuM:3mnst1Bdm7a8WXpgZWXruM

    Score
    3/10
    behavioral5

    • Target

      engine.dll

    • Size

      279KB

    • MD5

      493e0b6ab748db93771272bd754491f3

    • SHA1

      febb8b1271d8619020078a1f6d74170c1d845c9c

    • SHA256

      e6faa707f8eb8d1ad465c3ef0b11224d55e7b2ca9c04240deec193dc2ad33999

    • SHA512

      5184ada1f3f25b1c987075fbbcbc90275f7a054d6e8700f0dd6d57e566e823a12d072f2bf72934f8d2d46bd46acf5156b719f42d4178683e637a411a64c5f747

    • SSDEEP

      6144:9lUZiPhyiSgnUSTTd9GlbbE0TrHnzh9UTBKK:gZiPhyiSgnUS3d9GlvRPnzh9UTQK

    Score
    3/10
    discovery
    behavioral6

    • Target

      wincr.dll

    • Size

      320.0MB

    • MD5

      d248bc2a89f90993966e708fbf03c2d5

    • SHA1

      c5916462456370da9602bb6e64b032b6d00903ff

    • SHA256

      e8382b8686ce3cba6f69459ed235f74581ddd04a5392924c74b8a0d773eefb98

    • SHA512

      1d7d44f957f750f1a26cf0c10ce34ab2ffddafb0b9b99f423a593ba3b8d852b8f14f8b144a234966a44f5b8c090c24d8094c353b6aa618492dc1dcc15a0be71d

    • SSDEEP

      24576:kbUsKq9KXqY0VVAQBhg/MmacjCCvlvKCt6jKiO0QF66SyZeC:kXY0nAQBhg/MFcjCCvlvKCt6S0Q

    Score
    3/10
    discovery
    behavioral7

MITRE ATT&CK Enterprise v15

Tasks