Overview

overview

10

Static

static

3

Wave-Execu...in.zip

windows7-x64

1

Wave-Execu...in.zip

windows10-2004-x64

1

Wave-Execu...ignore

windows7-x64

3

Wave-Execu...ignore

windows10-2004-x64

3

Wave-Execu...ICENSE

windows7-x64

1

Wave-Execu...ICENSE

windows10-2004-x64

1

Wave-Execu...er.zip

windows7-x64

1

Wave-Execu...er.zip

windows10-2004-x64

1

Loader/Loader.exe

windows7-x64

10

Loader/Loader.exe

windows10-2004-x64

10

Loader/dmx...ls.dll

windows7-x64

1

Loader/dmx...ls.dll

windows10-2004-x64

1

Loader/lik...er.dll

windows10-2004-x64

1

Loader/lik...ll.mui

windows7-x64

3

Loader/lik...ll.mui

windows10-2004-x64

3

Loader/lik...ll.mui

windows7-x64

3

Loader/lik...ll.mui

windows10-2004-x64

3

Loader/lik...ll.mui

windows7-x64

3

Loader/lik...ll.mui

windows10-2004-x64

3

Loader/mqutil.dll.mui

windows7-x64

3

Loader/mqutil.dll.mui

windows10-2004-x64

3

Loader/samlib.dll

windows7-x64

1

Loader/samlib.dll

windows10-2004-x64

1

Loader/wdi.dll

windows10-2004-x64

3

Wave-Execu...DME.md

windows7-x64

3

Wave-Execu...DME.md

windows10-2004-x64

3

Wave-Execu...lt.jpg

windows7-x64

3

Wave-Execu...lt.jpg

windows10-2004-x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Wave-Executor-main.zip

  • Size

    341KB

  • Sample

    250226-rh95baslx3

  • MD5

    e3b9a493af4848643203ac2f1d767c8a

  • SHA1

    7e50c39ee37ce841bbacc4857a82106a8fd1bfd5

  • SHA256

    df6c9e15768a2f161e161606518e24f5e392a52c5aeca1358150b3f153a5dcd3

  • SHA512

    d06d3f12eb86655b975c31fde334256f3e1f9662bffabac3bdfac0e5ab01d32636a08bb4136dd4848c894984a226c96aa254db55423306dbb877c170c9fe7d7e

  • SSDEEP

    6144:TaQZmt/wUBqeK08KU60OQgsO81PoRoF1Xto+rrjLj7NwFyXosukks1JZT:TaQZU/W9360Csf1PRF1XtoejniAXosuu

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://impend-differ.biz/api

https://print-vexer.biz/api

https://dare-curbys.biz/api

https://covery-mover.biz/api

https://formy-spill.biz/api

https://dwell-exclaim.biz/api

https://zinc-sneark.biz/api

https://se-blurry.biz/api

https://brendon-sharjen.biz/api

Targets

    • Target

      Wave-Executor-main.zip

    • Size

      341KB

    • MD5

      e3b9a493af4848643203ac2f1d767c8a

    • SHA1

      7e50c39ee37ce841bbacc4857a82106a8fd1bfd5

    • SHA256

      df6c9e15768a2f161e161606518e24f5e392a52c5aeca1358150b3f153a5dcd3

    • SHA512

      d06d3f12eb86655b975c31fde334256f3e1f9662bffabac3bdfac0e5ab01d32636a08bb4136dd4848c894984a226c96aa254db55423306dbb877c170c9fe7d7e

    • SSDEEP

      6144:TaQZmt/wUBqeK08KU60OQgsO81PoRoF1Xto+rrjLj7NwFyXosukks1JZT:TaQZU/W9360Csf1PRF1XtoejniAXosuu

    Score
    1/10
    behavioral1behavioral2

    • Target

      Wave-Executor-main/.gitignore

    • Size

      3KB

    • MD5

      e5e81fdb76c0774efca175557ac121e5

    • SHA1

      162a8fa2ba96b278a25c677fae36a54bd46c420d

    • SHA256

      1674ac8ed7488af605be80c1f3a20bc1f4c2b47b8549346722948385ffc87e8c

    • SHA512

      a74731191e34235a8c1fa83dfc476753529c962af465fb5cf8ae931fa9e245566d627009d6eb3eca4f8904b927f31b07f8a8de10279f3dae8ddf9cab6cb35edc

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      Wave-Executor-main/LICENSE

    • Size

      1KB

    • MD5

      57d76440fc5c9183c79d1747d18d2410

    • SHA1

      2c87153926f8a458cffc9a435e15571ba721c2fa

    • SHA256

      002c2696d92b5c8cf956c11072baa58eaf9f6ade995c031ea635c6a1ee342ad1

    • SHA512

      df52e9f5c6da9a1dc37be99d0b3f54490d1bc9f47627693d41bbb722280099e1d39c333b97b8eefc33e724dde1809307282e53cc1dffdec25cee2299877b732b

    Score
    1/10
    behavioral5behavioral6

    • Target

      Wave-Executor-main/Loader.zip

    • Size

      258KB

    • MD5

      e295c0217ff080e11e5990c588349a05

    • SHA1

      ee4576fc8ff43c3571d234347452095ae8d5c571

    • SHA256

      9a07d7e4e11efdddeb46b4b110876879a8525c222e283c24e649f9254d6e9269

    • SHA512

      780a81f9bae032082c633aca9eae188c461bf8144d0636ff637291d03e88f3305eba8ebdc7417869b00034417b6b4c2d08c842c58839d149e01c2d2b135c027c

    • SSDEEP

      6144:84pU5md/gWDdKO8KA6AOAgsO81PsRoB1XtgIrrvWnmp7t:8r5y/gcm16A0sf1PlB1Xtg4vWnst

    Score
    1/10
    behavioral7behavioral8

    • Target

      Loader/Loader.exe

    • Size

      299KB

    • MD5

      eb604e2a70243acb885fe5a944a647c3

    • SHA1

      4f115acfa7662547b877c75a6845297d49713621

    • SHA256

      573c1ce9085c71b0a2e2ee2c96fe3b47d3f941bf5e23e3f46289135eaa153d26

    • SHA512

      7db14e91f19fcab5ac29d4a30d500bc0b115195233c58e6362cfbe2466ceb74c2de5b4cfa7ed38dc2ecaa3d4323573f266c67c71949d69c0ccdcb439b40fb83c

    • SSDEEP

      6144:bS+md7kdWDdKOQKA6GOAgsO81PsRIB1Xtgmu9OMRBUU:b5WCc+16G0sf1P7B1Xtgmu9TR

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma
    behavioral10behavioral9

    • Target

      Loader/dmxmlhelputils.dll

    • Size

      259B

    • MD5

      9abd95d760a752257bcb7f5ee3c14008

    • SHA1

      29c4a0b474ef189b2f6a267d560b103ab5f4b323

    • SHA256

      d9050e97477cfe7be44992a505c2cdad8f0f43a3c0bf0e1e1a3d1f175d92ac51

    • SHA512

      f39a345e695d42d81a35b71923da8dd1907a0c48da24f580a102600fb72bcf259ee817414e736d67b0f1196dae0610a00926b1aa94640171e6f5cf09b6830da7

    Score
    1/10
    behavioral11behavioral12

    • Target

      Loader/likodi/NotificationController.dll.mui

    • Size

      4KB

    • MD5

      5a940db75a80c7571cc221cf3870ef78

    • SHA1

      203ac94c768a8916ce70f6db7ada481185c06eaf

    • SHA256

      d3e15411a49c52b69d00ea4c32a3eba6eadb26da7b7f294e90c75aa7d33f210f

    • SHA512

      ec639abf80a633f3fa1a848d2236ca8cf28d45a5a0af85df6c3273f05fcb6db2fe6afbc057761c07234ca3f9b619866697dd357d155ab5df8e1687267ecc7099

    Score
    1/10
    behavioral13

    • Target

      Loader/likodi/SmiEngine.dll.mui

    • Size

      169B

    • MD5

      a0db1f60834e4cc834d87ce05449e86d

    • SHA1

      5ad5350876f587ad738c6337aadcca27933d9fc4

    • SHA256

      0d8f35e8bdb5d7b9e705745c3d53e5ad009af47ecec5d05c73ae7196e2944ca2

    • SHA512

      630acfbae48e16210b61b05dae1b494d7afaaf9977a5367e6f7bf157b731ea67707012b8eb0ad56fa5b5b24c6ade610b10ddd1a96d240ea71487fe1ef8caf4ac

    Score
    3/10
    discovery
    behavioral14behavioral15

    • Target

      Loader/likodi/netid.dll.mui

    • Size

      366B

    • MD5

      cd2e3b8d8a457c5dc46b32e22aa6f85f

    • SHA1

      b71a3f79c55dc591e9594b2ad53b6610d84c4b3a

    • SHA256

      780a4f435e71ec9644ad58e83d6064471f045908fc616405ab7a39ad4d1356ce

    • SHA512

      d307363dc65f277ee937915a508c418abfa7c7bf0ab49fff5463fe6c901c5f65dc27e13df0cc3628a9a3796fb93d127dc3125612b4f0b7c0e6f9506fad495dae

    Score
    3/10
    discovery
    behavioral16behavioral17

    • Target

      Loader/likodi/wfascim.dll.mui

    • Size

      1KB

    • MD5

      6dd6dcef7b35588fe7f1eb40f6eb3027

    • SHA1

      99d107866231bd3eeeab1ebbb4d01faf8151fa69

    • SHA256

      329dfd52a5c9e01ea98625662241fccc11e5f49074cfa7e429b6426245fc4bd5

    • SHA512

      3ab0608e7e9167ba6c6fc1f5fe2d3d9733e2b089e585194eb479a35173bfb34bca1953f9fa35b8838dc14d5785964b041989dea8907c29b1ddec8354d7865edf

    Score
    3/10
    discovery
    behavioral18behavioral19

    • Target

      Loader/mqutil.dll.mui

    • Size

      1KB

    • MD5

      cb3a5f54d475674a55d0a326a1cb1124

    • SHA1

      7a7a817f76a27e1529c617bdb96fd06325d6c873

    • SHA256

      5a23c3e2186af35842be09ed51b3e073685b0c812e2ce671f084b38f5e894751

    • SHA512

      88f1c72aacd2e7c1d0086abb27116fb10acdf2052408589914794d88e0f738859df82c2a6f93222ebcf62e71dc390756b1ecf3362008a96ba3acf6c63ddde083

    Score
    3/10
    discovery
    behavioral20behavioral21

    • Target

      Loader/samlib.dll

    • Size

      9KB

    • MD5

      f3078d7cbe7d330f06c51dc177f58e6f

    • SHA1

      bb191e939d938b6fd9145473b4fb16cd48e33595

    • SHA256

      83b293af5ae8fa2f226dc86c4b9aeb5f6af41880eb72c55c895c2ab445b0bbd9

    • SHA512

      1749bbc37baa46aa95a883029ac52a366fbbe26963ac38e34dc5f6eca150a6a6158f8657543d4ecef59dae3570180bf472c981b1473c98be9c570b42aab0e897

    • SSDEEP

      192:xxoFkSrGiZ3P621D3xjzAS9CNnGhk8YGCPQp+7FTQgl7OQHQF2T:xxofVZ3T9jkS9ClwkvGsDppl3wET

    Score
    1/10
    behavioral22behavioral23

    • Target

      Loader/wdi.dll

    • Size

      86KB

    • MD5

      7d326b235ab064ff70376f1d015cc084

    • SHA1

      3b394e93ef206d30fafbf3202a5a63a4b6667580

    • SHA256

      404dda0bdf9a6c1c61653cf7e965f504b3a3a3b662f88c906aaa19a9c3df160c

    • SHA512

      f33face04507edd462b40dfd0771da3f241374c99fc956def9678a05c15bf5f8c945579006ab250646120a7f983fe4a57b55c93bdf921142f6464bc74fee2347

    • SSDEEP

      1536:2xg+XurUE+dlamMsyhirFoNZ5MtDPQEInpF6qbTyuVKiRoTnd5Zatd2nZXBjVym4:2x5XXdMTsyhirFoNZ5MtDIBpFtvLASoy

    Score
    3/10
    discovery
    behavioral24

    • Target

      Wave-Executor-main/README.md

    • Size

      590B

    • MD5

      5c3a2790c76df304790b6785ddc400c9

    • SHA1

      b15e7df717d793030a1b31a6fc94d2f1274aa8be

    • SHA256

      8e34c97b6f2d7ea77be700bb6f1ff10f17847c9d35a9e347c92c788321c89e1c

    • SHA512

      a9fbe7ea38a853c50491541684543e849e5c16d00dfb6fd97c2fbd5cbf36d47072e9ce9c7277a120ef289e455a1e2419db1b22c1da2acecb6172a4f88aa47eb6

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      Wave-Executor-main/maxresdefault.jpg

    • Size

      87KB

    • MD5

      dadd119b96d8521653eb090991b0732a

    • SHA1

      7dea2df2b38dc7742cc18ca3d3b9cfb1685ffbfc

    • SHA256

      458c78f2a77751b43d8ee65cf998cd152f07c43eda0b036f85bec1adddaf56c8

    • SHA512

      44ae82dc429bff9fd802d7fffa62d90db8353182c4442a631f5dee47690e8457bc36d8fcee215cd02d08e4b61466480b629858f1075a07d672ea79035403c589

    • SSDEEP

      1536:Ftu05L4jfaMKHO2b2eoV1CnGQutzrBZQB7SXd72ODkcBQuj1DYtj+:h5L4Wb2eosnJuZBq70d73DkciutSj+

    Score
    4/10
    behavioral27behavioral28

MITRE ATT&CK Enterprise v15

Tasks