General

  • Target

    Setup.zip

  • Size

    115.0MB

  • Sample

    250601-ex85catjz5

  • MD5

    0b65e5d29e052e06f641c188453e5593

  • SHA1

    cec5cce11e764266c3812032403ddbfec2bc8f65

  • SHA256

    eebd804acc234e15383918df836bc3aaec5970b71f7f08b853630500695435f8

  • SHA512

    a2535d7e8803c8bd59e2371f3f8c980aa317f814ab36831aa9d95ca60ec8d2f6de1858c821c8c8998db8c86252c1bee1cbfcdaf02e7d819bab87fa8997787e96

  • SSDEEP

    1572864:v0RSUN886q0FD5vFJUJztfGQbc1PpbppdXTsXxRZimDNEAIo8O4K9dpRkYfQu:v0RSUND0T3UjfvcHzJMAyr1OYfQu

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      Extreme Injector.exe

    • Size

      102.6MB

    • MD5

      de1db07310af8797366e1edb7075f85c

    • SHA1

      cb7b5b36bca948c3823dab03de3ea9d53a8552ac

    • SHA256

      08c8d6ac3b70e0a7319bde6d36ab7d80c17ef4d340704f8d76bbfd8b35784cdf

    • SHA512

      f5f29c4ddbd1f13c97b14a85ac93ffc4950e73d434bb1fe5cdece27f193c9fc88adfa4a7fb73a22b7a28cd1d4461f701be40ee429736e4c21e254acf416b27f5

    • SSDEEP

      49152:96umpEVeF7tqaJe0nmcpNhvEJnmcpNhvEk:9Tm+q7tbZn97hcJn97hck

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

    • Target

      Qt5Gui.dll

    • Size

      4.8MB

    • MD5

      d9b78f4b2f8f393c8854c7cc95eae5d8

    • SHA1

      8d648e7bda5b6bf7b02041189b9823fe8d4689e5

    • SHA256

      55faebb8f5e28cde50f561bbd2638db7edcfd26e7ee7b975e0049b113145ae38

    • SHA512

      6e76b524a56cc9bb5ae4beeedd41a48c35cf03c730752da3cae49862cb7bc3c17283099c39787f5933c1771eca7c2e651d92b961de7f43813f026eb295c90c81

    • SSDEEP

      49152:PcLeg66Ry8jdAYbppzo7Tzj1/JrRbkwW6Ydzzr3YCWizxCqDRkU9i4g1/JAyn:kLrBpr1o7bRyfdzzxz0NTA4

    Score
    3/10
    • Target

      Qt5Network.dll

    • Size

      840KB

    • MD5

      0fdda3a8c8be28993b156b24b300ccdf

    • SHA1

      57fe6cfd0b28708d23ae560675d4c462127722c8

    • SHA256

      335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1

    • SHA512

      4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453

    • SSDEEP

      12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2

    Score
    3/10
    • Target

      Qt5Svg.dll

    • Size

      253KB

    • MD5

      06cc5d18a496520e05bcfee1e3169535

    • SHA1

      98ba5d0ed52499a845038c3b4bcba356b9339f11

    • SHA256

      ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360

    • SHA512

      154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe

    • SSDEEP

      6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU

    Score
    3/10
    • Target

      Qt5Widgets.dll

    • Size

      4.3MB

    • MD5

      f697ffc85fb86d72654c4f5ba4e1bdc2

    • SHA1

      670657f598d408ab232dec75be6fc7983bc5ce4b

    • SHA256

      400fa69aa8803f6c3a6f9a5fc956475d0396095c4b6d4665b7aa29bbcb8e3640

    • SHA512

      47513892c22a193c51ecf09c8f3e4c4271a92be33b7b7d535290ea75a1498c5531881a26a85dbf758361e6892abf12a796f1c5c284a34f1d173d61d2012325b7

    • SSDEEP

      49152:Zhk8cs4FhK1FKBxR8Lcdm0OTqZ7uA/GrXHIaTU+cDZ0V37SUJ:7k8ymoBxKAdmL8yONaQi32UJ

    Score
    3/10
    • Target

      Setup.exe

    • Size

      1.6MB

    • MD5

      aa8ff53c7c7e79b124ff6690cf0059ef

    • SHA1

      433146fa0cdf453993a756ab43a9e70648a67b8c

    • SHA256

      fe6a614f6543444ceb902739c279b331d62f43b61c51f94faf0cabca3ffed902

    • SHA512

      2da68d9ce7e125e96aa0d1da259f50fc718a1acb2c8a5f34e9e51c8ad55ae9b4e6bea244cb714cb692bc92a205d0d452892cec57c685a91dee005917f6db086f

    • SSDEEP

      49152:96umpEVeF7tqaJe0nmcpNhvEJnmcpNhvEk:9Tm+q7tbZn97hcJn97hck

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

    • Target

      msvcp140.dll

    • Size

      731KB

    • MD5

      45ad5195977a46b165bb96887ac206de

    • SHA1

      ade19c68fc90514a987760f3a0fe881bc2dc3bc4

    • SHA256

      60bffec055dcee0eed7c3d2820fb501f81e022a2911f7b01f5ad71bd130f2c12

    • SHA512

      643bb1a63211dcd8ec62f15740934039b7dead7e823688f50598657fa870f74c3e25c245b50108dc1fda0f0887105f398f8d62a56f6aa3f652368f48abc6e6f6

    • SSDEEP

      12288:OCF7Zcy+NjkHtlzigWBqf/qq3R5W8ZB4zmRzbaTsViRUF9TZ:F7iy+1k99f93PW8ZBS+zbm7sr

    Score
    1/10