General

  • Target

    cd63ac81183136c83ae741c486250e50f07f88c9da871eba7e31f01229fa2563

  • Size

    5.5MB

  • Sample

    240419-k4npwadd84

  • MD5

    0140fe9c5aa4fe45892db68bbbd3c2a9

  • SHA1

    674eaeb4e5b405aa8e9ceac798347d6755293711

  • SHA256

    cd63ac81183136c83ae741c486250e50f07f88c9da871eba7e31f01229fa2563

  • SHA512

    ef20a8b1db534a3dfd987a6fba0623819c7b83699799b03a5c8d069466b4971dd8c0e630f402dd6a633b9b925ea6266b9aa058f5bb31e535ef668cf0193cf664

  • SSDEEP

    98304:U0WawMs1zuSwEvDy9Ds5STXbnjhS7Wym851f44Wvbp7csGH4jikn:U0Wa0XwiDYW2n+m851f44WvF7AH4G4

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer.
