Overview

overview

10

Static

static

3

MasterKeyX....3.exe

windows7-x64

3

MasterKeyX....3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MasterKeyX_Pro_v4.3.exe

  • Size

    782KB

  • Sample

    250125-r5ab7sxlcs

  • MD5

    759ab3658c9bc6af1d9885d549173ebf

  • SHA1

    d8495e9cc8ef8f80a4a149aa633964fca3e08ae3

  • SHA256

    09267e88154b76a263fd7501e1325744a316ac686182c175de0f383a6616d6f2

  • SHA512

    b3e3bf950a95f68237ff96b1e679acbfe6715094e9fc0a48dba227cabe0e82f2fa7b9f2346330b594e4111ffb11dcdb5500b58cfde99c441e470ad24724a271b

  • SSDEEP

    12288:OvdfueB2I2qPjf+Jp4MG1ZaLeyxTJg/1SrSaUFEQmQ9ww:CfuiRPq46F89SrSaU2QmQaw

Score
10/10
lummavidardiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/sc1phell

https://steamcommunity.com/profiles/76561199819539662
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Extracted

Family

lumma

C2

https://toppyneedus.biz/api

Targets

    • Target

      MasterKeyX_Pro_v4.3.exe

    • Size

      782KB

    • MD5

      759ab3658c9bc6af1d9885d549173ebf

    • SHA1

      d8495e9cc8ef8f80a4a149aa633964fca3e08ae3

    • SHA256

      09267e88154b76a263fd7501e1325744a316ac686182c175de0f383a6616d6f2

    • SHA512

      b3e3bf950a95f68237ff96b1e679acbfe6715094e9fc0a48dba227cabe0e82f2fa7b9f2346330b594e4111ffb11dcdb5500b58cfde99c441e470ad24724a271b

    • SSDEEP

      12288:OvdfueB2I2qPjf+Jp4MG1ZaLeyxTJg/1SrSaUFEQmQ9ww:CfuiRPq46F89SrSaU2QmQaw

    Score
    10/10
    discoverylummavidarstealer

    • Detect Vidar Stealer

      stealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks