Analysis
-
max time kernel
300s -
max time network
303s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
01/05/2023, 11:48
Behavioral task
behavioral1
Sample
LummaC2.exe
Resource
win7-20230220-en
4 signatures
300 seconds
General
-
Target
LummaC2.exe
-
Size
208KB
-
MD5
8b310c86941021405f3222d538387466
-
SHA1
dca86ed4f4f3bcf34fdd38eecc9fa4559d67e898
-
SHA256
9222cafbc8c147ba28b86efdb0be806e671bdb4f22abae2201f802b79f64caac
-
SHA512
1fc7e6c1b793d8b6dd31f0ada1a9a6c86743d33f10ad9cd95b805a73f931fd0bb7a89794782a706c59d6f5d48582a45f6d0065796acfd5682dbe8ce3dd42cc94
-
SSDEEP
3072:KNu5n9Ephmo10MM7TdPoIVC8dlWgEtGJPWRtXx33ieLQsJo/9hWdkhXPwI2:KNu5nuWIMoI3aRthhLZWVh4g2
Malware Config
Signatures
-
Reads user/profile data of local email clients 2 TTPs
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.