lumma | 2ba315ff4d5e4d85b85759fffad1152c3388a8e761c32dfde8c72fff1b96bfe5 | Triage

Resubmissions

17-04-2024 07:33

240417-jdvvtsae31 10

17-04-2024 06:33

240417-ha7jsahe7s 10

Sharing

General

Target

2ba315ff4d5e4d85b85759fffad1152c3388a8e761c32dfde8c72fff1b96bfe5.zip
Size

23.4MB
Sample

240417-jdvvtsae31
MD5

e4461e16ebd9b9c4a34a754c9962dc5e
SHA1

468a491e227d3ca2be95a0f37bc6a4f2a13c40b4
SHA256

2ba315ff4d5e4d85b85759fffad1152c3388a8e761c32dfde8c72fff1b96bfe5
SHA512

e1a8deadddb2664061be077fd1a7a45af19453e4ab07e2b3e69748355b881c285c46b98087b954abd5cf88f497bfe3fcbcd014f32c2c79062919b3ab63fde149
SSDEEP

393216:uD8VuUVsghRGviy2dAG8stFbrI8gxD9AfwBmJxzowCl7QkhHZtAOfaa6n3Jp+NCd:uDBIJ4iy2d3txrI93azanhQOun5T

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://explocommisiowsa.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  2.3MB
- MD5
  
  5d52ef45b6e5bf144307a84c2af1581b
- SHA1
  
  414a899ec327d4a9daa53983544245b209f25142
- SHA256
  
  26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616
- SHA512
  
  458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48
- SSDEEP
  
  49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2