Overview

overview

10

Static

static

3

Gtool.exe

windows7-x64

3

Gtool.exe

windows10-1703-x64

10

Gtool.exe

windows10-2004-x64

10

Gtool.exe

windows11-21h2-x64

5

Resubmissions

29-06-2024 21:22

240629-z8cwhawfpd 10

29-06-2024 21:22

240629-z788bawfmh 10

29-06-2024 21:20

240629-z6qdtazdnl 5

29-06-2024 19:43

240629-ye94gaxgmk 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Gtool.exe

  • Size

    526KB

  • Sample

    240629-z8cwhawfpd

  • MD5

    25d66863ae6b40666fe4ea3031c00957

  • SHA1

    07408d2073032c8fa07a1e3f1613274039183ef9

  • SHA256

    ffeabd18beabd0c0090ca6ff166e7f724ee80c120c602e46a4ce2e427887b762

  • SHA512

    03644f6de2da25939ec5b460f90d052718fce40f84d2d75788836a02d20f3352e967b6df80ddfd8b858f11af9ff9c08be419373f903063ee1aeb9a58385892a8

  • SSDEEP

    12288:PnUB23lHRG/X5maWsBZUXHgBEDwAW8WrlrpQy7lQ:PUE1H2JmaWs0CeFmZ

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://piedsiggnycliquieaw.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

Targets

    • Target

      Gtool.exe

    • Size

      526KB

    • MD5

      25d66863ae6b40666fe4ea3031c00957

    • SHA1

      07408d2073032c8fa07a1e3f1613274039183ef9

    • SHA256

      ffeabd18beabd0c0090ca6ff166e7f724ee80c120c602e46a4ce2e427887b762

    • SHA512

      03644f6de2da25939ec5b460f90d052718fce40f84d2d75788836a02d20f3352e967b6df80ddfd8b858f11af9ff9c08be419373f903063ee1aeb9a58385892a8

    • SSDEEP

      12288:PnUB23lHRG/X5maWsBZUXHgBEDwAW8WrlrpQy7lQ:PUE1H2JmaWs0CeFmZ

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks