General

  • Target

    VoicemodSetup.exe

  • Size

    291KB

  • Sample

    240409-1js2vscf63

  • MD5

    a48fde5b8195bf0463a74a2fc9e0026f

  • SHA1

    d90f57f8ff7241a38696d44535bd5b442509e9d5

  • SHA256

    04c64e8c2345023c052f82c206a857f6cdf681de72b81622e55fee612bee0be8

  • SHA512

    f87692079fa81e13ccb1fb10f0a37fafb717e25d0104e13e8471784f4e8d233c3b94131ab4bcee60efe04da7ee7b2a960fbdd4fe0b3713642af89485037df6eb

  • SSDEEP

    6144:GR2HtQuuqg+IocEPjMSy1fiU0uTmzyS/amAL+cTNA4VCaLeqYbfrDOSe5:62SL+GEj9y1V/mzla3+J4IueqpZ

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      VoicemodSetup.exe

    • Size

      291KB

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
