Overview

overview

10

Static

static

3

CheatInjector.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CheatInjector.exe

  • Size

    507KB

  • Sample

    240629-va526s1flg

  • MD5

    74fc9ce1b489f3817b04bb3332162450

  • SHA1

    01158dfdec93914f4f72ff59da271a9b89ba9c89

  • SHA256

    b2d867a161a63c67631ed8fe41c64990975627400ac0907862e4e8dad8018ad1

  • SHA512

    51b24b45b07711e9c8651dbc1cd5660704b08dd78ec4bd2afb30f3abc28a897ba1b1e867ae6ba265d16358a19403036661e80d6c987c5f51d66fb00ac70d48a8

  • SSDEEP

    12288:0G0NNkaifcy3CqcNB6PLi2764VOg4l983MdNYgq8aqe:0jyaCcyPWi64VFYHdNDta

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://bitchsafettyudjwu.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      CheatInjector.exe

    • Size

      507KB

    • MD5

      74fc9ce1b489f3817b04bb3332162450

    • SHA1

      01158dfdec93914f4f72ff59da271a9b89ba9c89

    • SHA256

      b2d867a161a63c67631ed8fe41c64990975627400ac0907862e4e8dad8018ad1

    • SHA512

      51b24b45b07711e9c8651dbc1cd5660704b08dd78ec4bd2afb30f3abc28a897ba1b1e867ae6ba265d16358a19403036661e80d6c987c5f51d66fb00ac70d48a8

    • SSDEEP

      12288:0G0NNkaifcy3CqcNB6PLi2764VOg4l983MdNYgq8aqe:0jyaCcyPWi64VFYHdNDta

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks