Overview

overview

10

Static

static

3

tmp.exe

windows7-x64

5

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    308KB

  • Sample

    240418-zqyp9aef65

  • MD5

    c60f5fa3a579bca2c8c377f7e15b2221

  • SHA1

    d44b5c6dd64284f00d6f9d05cf5327a91cad9339

  • SHA256

    f5913e753281dbdf88f36c73d13afbf4af62046e25f8e148e87a80e88818c4d7

  • SHA512

    f419adf4bd07ce18d9b7de7445b2d0185653de27738fd4403f880ee11bf49ca8a1958c1b2c94f8f4c5da52ebc79462cfb6fe71849439f6af017a95b44af2f77b

  • SSDEEP

    6144:DVa+NrJiVBc2wc6oKXwdUWFQg1SGWEWAMiY7ivtaqgntTZXHAYq7:J1NrJaBcOOiHWEWAMFKtdstTfq

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://bordersoarmanusjuw.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

    • Target

      tmp

    • Size

      308KB

    • MD5

      c60f5fa3a579bca2c8c377f7e15b2221

    • SHA1

      d44b5c6dd64284f00d6f9d05cf5327a91cad9339

    • SHA256

      f5913e753281dbdf88f36c73d13afbf4af62046e25f8e148e87a80e88818c4d7

    • SHA512

      f419adf4bd07ce18d9b7de7445b2d0185653de27738fd4403f880ee11bf49ca8a1958c1b2c94f8f4c5da52ebc79462cfb6fe71849439f6af017a95b44af2f77b

    • SSDEEP

      6144:DVa+NrJiVBc2wc6oKXwdUWFQg1SGWEWAMiY7ivtaqgntTZXHAYq7:J1NrJaBcOOiHWEWAMFKtdstTfq

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks