Overview

overview

10

Static

static

1

Places to visit.scr

windows7-x64

1

Places to visit.scr

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d6e6b4cc367d2870e59674ecfb09718725da12b0e5505457dd92a1c2425edb22.zip

  • Size

    1.2MB

  • Sample

    240419-cfdwrseg3y

  • MD5

    78838f5119a3229f8742fb24a70a482e

  • SHA1

    cdc990105379c5cdc9cb55b7526df5e23a4a7579

  • SHA256

    d6e6b4cc367d2870e59674ecfb09718725da12b0e5505457dd92a1c2425edb22

  • SHA512

    42ee081ef26d7ceda53cde841c56d92dab26e96760f23ee10f4236ba709609f1960f605e417c9edad6f8e652f66141399532ffff3a2af66914eb362adc07a6d5

  • SSDEEP

    6144:KzGFLOWv+5GX+FYTGSAXst+lVmmBtHzqpyQBzbdDIVS+s:KzwOm+5GuFmGXcKYmBtHzqDPWSz

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://theatergenerationju.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

    • Target

      Places to visit.scr

    • Size

      772.4MB

    • MD5

      b61ea25997f2f8721ac589703526dd6b

    • SHA1

      3bd31fe83ff4e4ad99395426654f80200b21e021

    • SHA256

      8d4ade5b2a0b9b026e58e9771ce41d77a82cebae4d493cf3170b14c45b236b69

    • SHA512

      450f26ec9fc2feb1854d5d00271eba0b128831cdd09c8a6675d248ea4ef2f6e0f7d1bd0f00a5ee3242577ac5d1ffc48175a9ca4ebdda021c7b91d4fb5d7dfa8a

    • SSDEEP

      6144:Xc2iyp+gYP1ueAFoTScAXstyrTKmBrHfqlyeBzbRNI07EoUOlc/:YyyP1jAF2SRcqumBrHfqvP5Eo3+

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks