General

  • Target: bf8980482fbadbf2825a44966e7141a9f56a19b6cc812659e793bb82ca264c0b
  • Size: 308KB
  • Sample: 240418-237vsshe56
  • MD5: 685eb309083828ed000f400139af068b
  • SHA1: c53c23f4e29c39b6801ab5b7302d2839b8e115d9
  • SHA256: bf8980482fbadbf2825a44966e7141a9f56a19b6cc812659e793bb82ca264c0b
  • SHA512: aa347383e3a20a50fe93783bb73c5976e229700eb646623b3334eedc2235ec2b96451efe21838b8bd5baa86a5f77bf439c1c9445304634ae6fc178c269a1d7ed
  • SSDEEP: 6144:nU0qYuTVRFiXLhUI00Fhc8b3W6DvvCimXu/fxKXpkEVKGuUqe8u6:n/qlrsN300FGl6TT3x6kzGMVu6

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://palmeventeryjusk.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

    • Target: bf8980482fbadbf2825a44966e7141a9f56a19b6cc812659e793bb82ca264c0b
    • Size: 308KB
    • MD5: 685eb309083828ed000f400139af068b
    • SHA1: c53c23f4e29c39b6801ab5b7302d2839b8e115d9
    • SHA256: bf8980482fbadbf2825a44966e7141a9f56a19b6cc812659e793bb82ca264c0b
    • SHA512: aa347383e3a20a50fe93783bb73c5976e229700eb646623b3334eedc2235ec2b96451efe21838b8bd5baa86a5f77bf439c1c9445304634ae6fc178c269a1d7ed
    • SSDEEP: 6144:nU0qYuTVRFiXLhUI00Fhc8b3W6DvvCimXu/fxKXpkEVKGuUqe8u6:n/qlrsN300FGl6TT3x6kzGMVu6

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks