General

  • Target

    ec0949ba67afa666619ee7906753c470adaac94331f67a9d968405c57f3474d4

  • Size

    8.9MB

  • Sample

    240418-29d63ahg35

  • MD5

    a4ac2edda7280dfabfc0e168ad4a0f71

  • SHA1

    c545cd8c7801f480ea3f311d7ab2fe8b79b8c85b

  • SHA256

    ec0949ba67afa666619ee7906753c470adaac94331f67a9d968405c57f3474d4

  • SHA512

    915f40c008695d1ecb656e6a54ec79f8a69eff42b9a33f5060a0ec0b58b80f3493773e229a9dc10855ce457b8ab138b4750541fccf4eb1196aca792943bdecd8

  • SSDEEP

    49152:UJfUsBjuiwj8R2L0SZEGpG0bHMrpZWHyQiyz6y26vDNhsx8dJPxTtja25EHZKeqT:c9KiwgRu09ZWHyQi1yRBEHZ7xUnne8

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks