General

  • Target

    thunder.exe

  • Size

    649KB

  • Sample

    240224-yj82zach93

  • MD5

    de255e5e8178ecefda9ac0617a621606

  • SHA1

    450e2f448e54f6dae8fadaaeb11f20dff0df9ebe

  • SHA256

    eead021690a43a1d5e7d7148000c3ab9339cb0d81708ae44ef82fbbe3d7dbff7

  • SHA512

    3642f2cf1e5771b9d93585d9a308a8e3f316f14aa41e80ae9fb48da1f6f835a22f30c4a6a05640e8649aeec19d709f869b5cafc707cf9498ed96ba0eb19fa67f

  • SSDEEP

    12288:QxK20cBcUyPBHQE6dIIykOHXGVd6TR49SQmVO:cKGBcUCHFgykOHXE8l4qVO

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://gemcreedarticulateod.shop/api

https://secretionsuitcasenioise.shop/api

https://claimconcessionrebe.shop/api

https://liabilityarrangemenyit.shop/api
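
As an added example (not part of the sandbox report or the Lumma config extractor), the script below turns the indicators on this page into two checks a responder can run offline: it recomputes MD5, SHA1, SHA256 and SHA512 for a file and compares them with the hashes listed above, and it pulls the hostnames out of the extracted C2 URLs and looks for them in proxy log lines. The proxy log lines are constructed for the example, and their format (timestamp, source IP, method, destination, status) is an assumption; adjust the regular expression to your own proxy's format.

```python
import hashlib
import re
from urllib.parse import urlparse

# Hashes and C2 URLs as listed in the report above.
REPORT_HASHES = {
    "md5": "de255e5e8178ecefda9ac0617a621606",
    "sha1": "450e2f448e54f6dae8fadaaeb11f20dff0df9ebe",
    "sha256": "eead021690a43a1d5e7d7148000c3ab9339cb0d81708ae44ef82fbbe3d7dbff7",
    "sha512": "3642f2cf1e5771b9d93585d9a308a8e3f316f14aa41e80ae9fb48da1f6f835a22f30c4a6a05640e8649aeec19d709f869b5cafc707cf9498ed96ba0eb19fa67f",
}
C2_URLS = [
    "https://gemcreedarticulateod.shop/api",
    "https://secretionsuitcasenioise.shop/api",
    "https://claimconcessionrebe.shop/api",
    "https://liabilityarrangemenyit.shop/api",
]
HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Hex digests of an in-memory blob for each algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in HASH_ALGOS}


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, read in 1 MiB chunks so large samples fit."""
    hashers = {name: hashlib.new(name) for name in HASH_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_with_report(digests: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm True/False: does the computed digest equal the reported one?"""
    return {name: digests.get(name) == expected[name] for name in expected}


def c2_hosts(urls) -> set:
    """Lower-cased hostnames from the C2 URLs (the path /api is not needed for blocking)."""
    return {urlparse(u).hostname.lower() for u in urls}


C2_HOSTS = c2_hosts(C2_URLS)

# Assumed proxy log layout: "<timestamp> <source-ip> <METHOD> <destination> <status>".
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<dest>\S+) (?P<status>\d{3})$"
)


def dest_host(dest: str) -> str:
    """Hostname from either an absolute URL (GET/POST) or a CONNECT host:port target."""
    if "://" in dest:
        return (urlparse(dest).hostname or "").lower()
    return dest.rsplit(":", 1)[0].lower()


def find_c2_hits(log_text: str, hosts=None) -> list:
    """(timestamp, source-ip, host) for every line whose destination is a C2 host
    or a subdomain of one. Lines that do not match the layout are skipped."""
    hosts = C2_HOSTS if hosts is None else hosts
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        host = dest_host(m["dest"])
        if host in hosts or any(host.endswith("." + h) for h in hosts):
            hits.append((m["ts"], m["src"], host))
    return hits


# Constructed sample log lines for the example; not taken from any real environment.
SAMPLE_PROXY_LOG = """\
2024-02-24T12:00:01Z 10.0.0.15 CONNECT gemcreedarticulateod.shop:443 200
2024-02-24T12:00:02Z 10.0.0.15 GET https://example.com/index.html 200
2024-02-24T12:00:05Z 10.0.0.22 CONNECT secretionsuitcasenioise.shop:443 200
2024-02-24T12:00:07Z 10.0.0.31 POST https://cdn.claimconcessionrebe.shop/api 200
2024-02-24T12:00:09Z 10.0.0.15 CONNECT www.update-example.com:443 200
malformed line that the parser skips
"""

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Usage: python lumma_ioc_check.py <path-to-sample>
        print(compare_with_report(hash_file(sys.argv[1])))
    for ts, src, host in find_c2_hits(SAMPLE_PROXY_LOG):
        print(f"{ts} {src} -> {host}")
```

Any one matching hash from the four strong algorithms confirms a byte-identical file; SSDEEP is left out because it needs the ssdeep library and a similarity threshold rather than an equality test. The host check also flags subdomains of a listed C2 host; drop that branch if your blocklist must match exactly.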

Targets

    • Target

      thunder.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sandbox observed a call to NtSetInformationThread with the ThreadHideFromDebugger information class (0x11). A thread marked this way no longer has its debug events delivered to an attached debugger, which is a common anti-analysis technique and the reason the call is flagged.

MITRE ATT&CK Enterprise v15
