Overview

overview

10

Static

static

1

9b8c538cfa...c8.exe

windows7-x64

3

9b8c538cfa...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8.exe

  • Size

    422KB

  • Sample

    240418-b5zdbsgh6s

  • MD5

    804b1a320ca4610b1e44af97fd9c295a

  • SHA1

    5be4e86aa94c00cc0fb69292b71ce2581493b144

  • SHA256

    9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8

  • SHA512

    fdd88ccf44b3e0c27c022bd9e936f05cae73a260e408078a18ae9b8995451a8d7bb677d152c79e0e70c41bf66439530b03b707fdad3826c5edfc745452a62b8c

  • SSDEEP

    12288:qy3q/jkZxUcjAWlwTfTLqREbVd09PSVk4po:LqbkZ3ObiRmd00S

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

    • Target

      9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8.exe

    • Size

      422KB

    • MD5

      804b1a320ca4610b1e44af97fd9c295a

    • SHA1

      5be4e86aa94c00cc0fb69292b71ce2581493b144

    • SHA256

      9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8

    • SHA512

      fdd88ccf44b3e0c27c022bd9e936f05cae73a260e408078a18ae9b8995451a8d7bb677d152c79e0e70c41bf66439530b03b707fdad3826c5edfc745452a62b8c

    • SSDEEP

      12288:qy3q/jkZxUcjAWlwTfTLqREbVd09PSVk4po:LqbkZ3ObiRmd00S

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks