General

  • Target

    5223c17afa5180b54eafa29578b185a22de11c73d51535935912393fa00a8d13

  • Size

    315KB

  • Sample

    240417-qsntdsbb8s

  • MD5

    7c11684c6c9372cfaf03be2a3f7a9a30

  • SHA1

    9635c74ea1faf57d1484b1ad57eaec9a3d5e52af

  • SHA256

    5223c17afa5180b54eafa29578b185a22de11c73d51535935912393fa00a8d13

  • SHA512

    58e35b330018ec0b450ba3f5a0d3df8498b1fa60b9b0bbe080ca87c79ae6e39d1ef2054609643aba5e6df4530ba2ea1ab4651287410305d238fce8c63b4fc399

  • SSDEEP

    6144:oEMnwA82FXmXJ/bhzS4ErWHW6evE0LfOqAcdkRtYNBobV9s2C7uv/6aMeu:oEWwA82YZFzSjC26evEufOqAcdkRiBo2

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      8319ca6cf9cbe1f526db7cda92a964e8d16336ec0620a9fe8d390cb2a7a08fc7.exe

    • Size

      328KB

    • MD5

      5870ef4ab0d94609e0286055db3c7b1c

    • SHA1

      8f39b9821491eb4fd52a469bdcc2f4e9d8706fd8

    • SHA256

      8319ca6cf9cbe1f526db7cda92a964e8d16336ec0620a9fe8d390cb2a7a08fc7

    • SHA512

      8c35c7206a7b4da6ab2942aef33d8279094b1191ef2c3f69ebdf39dc8830cd363ad448e0d02a3e2bda8e2d0febbf543fb7e367ac2bbee1d98f50892ae1231979

    • SSDEEP

      6144:ZEXXLwwq8aMxc9KboOW6HGXK/Ub08nFvUZM2SmxscC:iXbwws6c9QoOW6mh0m6ZVSac

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks