Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-04-2024 19:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a2fce0e95429ca6a9e2b6bd294af27d6f11543e8cf42fec91da2b4bfeb3d0975.exe

  • Size

    395KB

  • MD5

    f8714c97bd785587ba15867136e88252

  • SHA1

    50afa7f5b1921fa41c0c83f871e5801cfafbd3d9

  • SHA256

    a2fce0e95429ca6a9e2b6bd294af27d6f11543e8cf42fec91da2b4bfeb3d0975

  • SHA512

    15ad47a8162f44d27362e3be6d745490842d1708f9ffc8fecf36fa9503a18b4694f5733d7092e79f4d35b8bf0e57ab8d52fdc33ccdb210ca6d535ff0f862a36b

  • SSDEEP

    6144:vL6gqL4ofYHpVJz4gWUU4vdn4W7MIZDBUuiA7O:v+gFofYHV1WUUsdn4zkVS

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://exceptionwillapews.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2fce0e95429ca6a9e2b6bd294af27d6f11543e8cf42fec91da2b4bfeb3d0975.exe
    "C:\Users\Admin\AppData\Local\Temp\a2fce0e95429ca6a9e2b6bd294af27d6f11543e8cf42fec91da2b4bfeb3d0975.exe"
    1⤵
      PID:4528
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4528 -s 388
        2⤵
        • Program crash
        PID:644
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 4528 -ip 4528
      1⤵
        PID:1208

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4528-1-0x0000000000BD0000-0x0000000000CD0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/4528-2-0x00000000025B0000-0x00000000025FC000-memory.dmp

        Filesize

        304KB

        Download

      • memory/4528-3-0x0000000000400000-0x0000000000864000-memory.dmp

        Filesize

        4.4MB

        Download

      • memory/4528-4-0x0000000000400000-0x0000000000864000-memory.dmp

        Filesize

        4.4MB

        Download

      • memory/4528-5-0x00000000025B0000-0x00000000025FC000-memory.dmp

        Filesize

        304KB

        Download