General

  • Target: 5842375b33d1461015322baac92a5d31e460dcc3b85e1d30d20196af96f81612.zip
  • Size: 8.7MB
  • Sample: 250317-dbtl4axzgw
  • MD5: 6fdc5ce2ecd97b33ad8b7290103674ba
  • SHA1: 1550516201bebc1e7b1a799d89b2b397bf2348a6
  • SHA256: 5842375b33d1461015322baac92a5d31e460dcc3b85e1d30d20196af96f81612
  • SHA512: fd997cb3b113df4bd71f854eb73b6e4e2e9f8d276f1d01b03516a00209eb4b5e2b0d361268cd309b109659100ff0bec4f702cd87d697e82ba3a1d21a3b868d9e
  • SSDEEP: 196608:0jJ/lSeJUQOv6NsuJh08cwQagAuWBGjx1Rox8HUL0m:0h6bXuJq86aHuWBGjx1RoxdQm

Malware Config

Extracted

Family: lumma

C2:
  https://partparcadi.shop/api
  https://crosshairc.life/api
  https://mrodularmall.top/api
  https://jowinjoinery.icu/api
  https://plegenassedk.top/api
  https://htardwarehu.icu/api
  https://jcjlaspcorne.icu/api
  https://bugildbett.top/api
  https://weaponrywo.digital/api

Extracted

Family: latrodectus

Version: 1.4

C2:
  https://remustarofilac.com/test/
  https://horetimodual.com/test/

Attributes
  • group: Ferrary
  • user_agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Tob 1.1)
  • aes.hex 1: d623b8ef6226cec3e24c55127de873e7839c776bb1a93b57b25fdbea0db68ea2

Targets

    • Target: Mal2/Comn.dll
    • Size: 349KB
    • MD5: f76f5a566cbb5f561d26e7aca841c723
    • SHA1: 4838fd2dd9dbfcdaf2b1f11091f15a17f93c29be
    • SHA256: 0576fc3b0c9381c47a8a9443abdd195eebb34ece0adc5c6d17624ca0e914e8e3
    • SHA512: 9f574f09a4c54b8e786846297fcfad7af647eb134d8e960b078a83e982ccae2956aa6c4c1014c01c7774461e31314904cb6dfc325c7a90c3e31130838beb24c0
    • SSDEEP: 6144:OghGJtKYAMn4uXXS49wb/wNK/YgNelveftFe/vbu9/wMLm4+KqhnWlLutAONKFj2:7pYA84uscNCDeVuy4onWWaj2
    Score: 3/10

    • Target: Mal2/QtCore4.dll
    • Size: 2.3MB
    • MD5: 03985b7b207e63b6bb894ea6ea78d92b
    • SHA1: 0e6fc44b1f3c724e6050152d9e240a548314a6ff
    • SHA256: 793153a9262e4c280a71ea595fe49208a89766d6d344766af0abf8c32648f3e0
    • SHA512: a2e9749c7d7c9745eb16b6976c6c208b3ce2ee524e958cf7c41d0d31a7fb761c4f66ad8320301c652ef4ea8128111ad9687e64f3944d40b933153d99ab8c272b
    • SSDEEP: 49152:boSCNMaKqdxVYZEC4brbrOFxDGJsv6tWKFdu9CrTduMlhEFWLjggXiWBv:ESCsf4fb6FQJsv6tWKFdu9CVJ
    Score: 3/10

    • Target: Mal2/QtGui4.dll
    • Size: 675.9MB
    • MD5: eb76a5bec2a70b516d7b751a769b47f6
    • SHA1: 494b7c3b714c1d273c48b160114acf9d3146f1df
    • SHA256: 9f96b75058f941a718ef7b0d0604f809ef9d7fe23d1414605f015d7a5fe61d68
    • SHA512: e5c09dfb36fc6b52bac8609a6d29c4d73346775c233231a849a297e0e8ae00137eedebc6c606ce47e28e5f224802aa59e98cfff82cf9c9fdf4afa8366cb0b465
    • SSDEEP: 98304:QxsOZAe0cTSFGuzhyzzJx13wQMNVZoznsO+vV:QxxZNeoAcU
    Score: 3/10

    • Target: Mal2/Set-up.exe
    • Size: 335KB
    • MD5: 61dc7844b70f4e6ffce0ec875dcc7faf
    • SHA1: 436a95a2135264bacaae51f6aa6a60c2ad6308c7
    • SHA256: 6ca9becba92609d2974352a205725346c696e864d087b63ea2afabd52707fb87
    • SHA512: bbf2ce889e76a024b5c85b84b544608526b3a460f9751d3b2aa51a404f517705dc6d40756caa8071a65271e67791a16fb2bbbbc4d0b78c93e670c96404fba765
    • SSDEEP: 6144:k32qf6qqDdoAZrdsTs/88TuIc4vlico6CUwtXHQgO6aFuO:k32qKRfiTKNyGFuO

    Signatures:
    • Latrodectus family
    • Latrodectus loader: Latrodectus is a loader written in C++.
    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
    • Lumma family
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Downloads MZ/PE file
    • Suspicious use of SetThreadContext


    • Target: Mal2/breast.html
    • Size: 51KB
    • MD5: 32b7055e66439065de5ea5c8cc51ec80
    • SHA1: b3af36490fc9bec19b6041221191eadf582e14b5
    • SHA256: 467459cf4763513e74820b221770142c560620d749fcf588fad4d38bb3d15cc7
    • SHA512: fc9903fdeae2e21cfa58e716dbc9892f3b4de4e81286a22ae9e3a084502d161d14257690fb1f0815327ffd3140bd0fa774683a120c32a41bbb8d849b04abaa34
    • SSDEEP: 768:2XM8+KzTjc2gqtbminV1FibevwtqhhftLEayWud/DGC/QNZU50ugfCTgccp20t7j:UpzPSqh7vRXLExvrGdC0cK77GpN+/UI
    Score: 4/10

    • Target: Mal2/libcrypto-1_1.dll
    • Size: 2.2MB
    • MD5: 832205883448ab8c689d8a434d92f80b
    • SHA1: 890c403a288c65683edbe9917b972ceb6eb7eba7
    • SHA256: 558addae67d50612acd60a02fb29d41be61999d299348df9a225e419cc9395ed
    • SHA512: 0c1b8b3776c14b78f9b7ac09627ca7762f62c63da489204f376519752b029951798c1ed24aed07cc660c5e54936c06560fda921e33a76e80ebab10ef97177973
    • SSDEEP: 49152:bzbweqQy7Fx+17AOaXV8pBnK8CGS1CPwDv3uFyiWT4oEQ:HbjBy7r+7bUGnK8pS1CPwDv3uFyi2
    Score: 3/10

    • Target: Mal2/libssl-1_1.dll
    • Size: 641KB
    • MD5: cdbf8cd36924ffb81b19487746f7f18e
    • SHA1: 781190c5a979359054ce56ceef714a8f5384cfbb
    • SHA256: 0813c77df688b39f26bad0be2b3e4afde13e97d9a1ebcbdb3b1f4184218d1a57
    • SHA512: ca43450e853b3c74808ad199abe329ac2a2d7ae2e84c17fb467374c22ec9620fb102c75889e279e2d28f0ebd14d8bafafe700241ba4141fd64b4801802a3d474
    • SSDEEP: 12288:gS8b77+Zdm6b8nU2j64YEc9zYe5ZLKTedJHs8AO6yzBK:gSb9B8TedJHQO68K
    Score: 3/10

    • Target: Mal2/msvcp80.dll
    • Size: 536KB
    • MD5: 272a9e637adcaf30b34ea184f4852836
    • SHA1: 6de8a52a565f813f8ac7362e0c8ba334b680f8f8
    • SHA256: 35b15b78c31111db4fa11d9c9cad3a6f22c92daa5e6f069dc455e72073266cc4
    • SHA512: f1f04a84d25a74bb1cf6285ef705f092a08e93d39df569f6badc45b8722d496bbbef02b4e19f76a0332e3842945506c2c12ad61fe34f339bb91f49b8d112cd52
    • SSDEEP: 12288:jZY4lOHMwLwXBt+iak8txUa/hUgiW6QR7t5j3Ooc8NHkC2em:jZY4lOHMM8wix8tBj3Ooc8NHkC2e
    Score: 3/10

    • Target: Mal2/msvcr80.dll
    • Size: 612KB
    • MD5: 43143abb001d4211fab627c136124a44
    • SHA1: edb99760ae04bfe68aaacf34eb0287a3c10ec885
    • SHA256: cb8928ff2faf2921b1eddc267dce1bb64e6fee4d15b68cd32588e0f3be116b03
    • SHA512: ced96ca5d1e2573dbf21875cf98a8fcb86b5bcdca4c041680a9cb87374378e04835f02ab569d5243608c68feb2e9b30ffe39feb598f5081261a57d1ce97556a6
    • SSDEEP: 12288:mxzh9hH5RVKTp0G+vFhr46CI600yZmGyYG:mph9hHzVKOpt6MmGyY
    Score: 3/10

MITRE ATT&CK Enterprise v15
