Overview

overview

10

Static

static

3

944acac373...4b.exe

windows7-x64

1

944acac373...4b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-04-2024 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    944acac373a28c754566ded96145a946e3a9247eb12a9ddc5c02c45a2523fd4b.exe

  • Size

    384KB

  • MD5

    05ca7d0fbc3f0eaedc695db4c530fd8a

  • SHA1

    3ba749c11621f06b5fe4a666deb9ec86b35d2e34

  • SHA256

    944acac373a28c754566ded96145a946e3a9247eb12a9ddc5c02c45a2523fd4b

  • SHA512

    34b4bd4fa6dda721588735cd81d01b2eece3767a73b189eae8660c49a678a7e4ab8b1d0984d20d0593b19f16f58bbada8b66981d8cfa83185a47790f37f2f29e

  • SSDEEP

    6144:8CBR86l9JZFYccYzElwywOzhVr3VhsqowyGT/nT:bA6l9JZG9pAOdx3V+qo3Y

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://deadpanstupiddyjjuwk.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\944acac373a28c754566ded96145a946e3a9247eb12a9ddc5c02c45a2523fd4b.exe
    "C:\Users\Admin\AppData\Local\Temp\944acac373a28c754566ded96145a946e3a9247eb12a9ddc5c02c45a2523fd4b.exe"
    1⤵
      PID:4520
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4520 -s 1212
        2⤵
        • Program crash
        PID:1316
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 4520 -ip 4520
      1⤵
        PID:4576

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4520-1-0x0000000000C50000-0x0000000000D50000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4520-2-0x00000000028C0000-0x0000000002908000-memory.dmp

        Filesize

        288KB

        Download

      • memory/4520-3-0x0000000000BE0000-0x0000000000BE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4520-4-0x0000000000400000-0x0000000000B08000-memory.dmp

        Filesize

        7.0MB

        Download

      • memory/4520-6-0x00000000028C0000-0x0000000002908000-memory.dmp

        Filesize

        288KB

        Download