Overview

overview

10

Static

static

3

7fea54a297...f3.exe

windows7-x64

1

7fea54a297...f3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/04/2024, 01:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7fea54a29707260f6d2d02534a8c4b1c2ea2fb43b98a1125cec28b7b0a430df3.exe

  • Size

    360KB

  • MD5

    945b79b0cb128f7a270cd4b793c01491

  • SHA1

    e9b14f2d7de74478fb4469c9022a5f346a01c273

  • SHA256

    7fea54a29707260f6d2d02534a8c4b1c2ea2fb43b98a1125cec28b7b0a430df3

  • SHA512

    7b41c90881d83a2ef78bb243c9d4252e446c4531b640d1a9f0ebbdfe69fe6099ac4240680140c3dfc6fe86710a51d7fb516781c3a4a9e433fb2ce12d02818616

  • SSDEEP

    6144:MLjsoc8qfLllfHNpjwKL+D9ruHjw9unJ3W:M/so03HNpk4OxuX

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://exceptionwillapews.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7fea54a29707260f6d2d02534a8c4b1c2ea2fb43b98a1125cec28b7b0a430df3.exe
    "C:\Users\Admin\AppData\Local\Temp\7fea54a29707260f6d2d02534a8c4b1c2ea2fb43b98a1125cec28b7b0a430df3.exe"
    1⤵
      PID:3400
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3400 -s 1084
        2⤵
        • Program crash
        PID:1160
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3400 -ip 3400
      1⤵
        PID:1448

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/3400-1-0x0000000002EE0000-0x0000000002FE0000-memory.dmp

              Filesize

              1024KB

              Download

            • memory/3400-2-0x0000000004880000-0x00000000048CC000-memory.dmp

              Filesize

              304KB

              Download

            • memory/3400-3-0x0000000000400000-0x0000000002C3D000-memory.dmp

              Filesize

              40.2MB

              Download

            • memory/3400-4-0x0000000000400000-0x0000000002C3D000-memory.dmp

              Filesize

              40.2MB

              Download

            • memory/3400-5-0x0000000004880000-0x00000000048CC000-memory.dmp

              Filesize

              304KB

              Download