lumma | 0a115cf0821cd01199c474d8b3a5211b06ee8adb894309d8110dad577e6e9117 | Triage

Submit
Reports

Overview

overview

Static

static

031f0b4bce...cs.exe

windows7-x64

031f0b4bce...cs.exe

windows10-2004-x64

Sharing

General

Target

031f0b4bce3ba22d9e46cbeec1b73360_NeikiAnalytics
Size

3.3MB
Sample

240514-wb5y8sha68
MD5

031f0b4bce3ba22d9e46cbeec1b73360
SHA1

4d6899fff97cff74a188c772aacfee3ea73731e6
SHA256

0a115cf0821cd01199c474d8b3a5211b06ee8adb894309d8110dad577e6e9117
SHA512

f1bd60f3989d56f7775956347f03e8b69f36f4424ecf6bdbb818c9cc4ac4f4ac16e32a21ff3a096acc1ea69f9b98126d42b582e9556ecec2503042b12217279f
SSDEEP

49152:B6Ee3j3piO4kHpKW4l4Gkdnx6KUnUa7ufJcbHpmqn8W42LQEKJWAOfraP:B6x3vZ4mGkz6KUr7ufJFiy60WAOfraP

Score

10^/10

lumma zgrat rat stealer

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

031f0b4bce3ba22d9e46cbeec1b73360_NeikiAnalytics.exe

Resource

win7-20240508-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

031f0b4bce3ba22d9e46cbeec1b73360_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

lumma zgrat rat stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://sloganprogrevidefkso.shop/api

https://sofaprivateawarderysj.shop/api

https://lineagelasserytailsd.shop/api

https://tendencyportionjsuk.shop/api

https://headraisepresidensu.shop/api

https://appetitesallooonsj.shop/api

https://minorittyeffeoos.shop/api

https://prideconstituiiosjk.shop/api

https://smallelementyjdui.shop/api

Targets

- Target
  
  031f0b4bce3ba22d9e46cbeec1b73360_NeikiAnalytics
- Size
  
  3.3MB
- MD5
  
  031f0b4bce3ba22d9e46cbeec1b73360
- SHA1
  
  4d6899fff97cff74a188c772aacfee3ea73731e6
- SHA256
  
  0a115cf0821cd01199c474d8b3a5211b06ee8adb894309d8110dad577e6e9117
- SHA512
  
  f1bd60f3989d56f7775956347f03e8b69f36f4424ecf6bdbb818c9cc4ac4f4ac16e32a21ff3a096acc1ea69f9b98126d42b582e9556ecec2503042b12217279f
- SSDEEP
  
  49152:B6Ee3j3piO4kHpKW4l4Gkdnx6KUnUa7ufJcbHpmqn8W42LQEKJWAOfraP:B6x3vZ4mGkz6KUr7ufJFiy60WAOfraP
Score

10^/10

zgrat rat lumma stealer
- Detect ZGRat V1
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

lummazgratratstealer

© 2018-2024

Terms | Privacy