Overview

overview

10

Static

static

1

!@!Active_...up.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    !@!Active_$etUp_2024_pAs$W0rd (2).7z

  • Size

    2.4MB

  • Sample

    240420-zyl2esae4w

  • MD5

    6eb900e41fd38341634ea4d5caffffb9

  • SHA1

    5b433ee00cfbe835b531706bac2fddc00c00eedb

  • SHA256

    f3fdf6767230e2ed451062ed1469c244ce983f6eb08cb3d5d47c2c4325c18eca

  • SHA512

    ddfcd08a681cbf4544efdaa3879d616b6c4c2ce87e4eabef59506443a3b44cc47f913798bd513960f565408da8dbc6c464c75308489b6ea50608c7faf376f380

  • SSDEEP

    49152:C5gNw0CHAIoEyaM4SWLSi6u46HFqw+wDXn/FI3pnsyi2cG8n/0HhZpp1A02Bm2i:C2ZFhNASWLSi6SFq3wj6di2b8s5bWfi

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://harassretunrstiwo.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      !@!Active_$etUp_2024_pAs$W0rd/Setup.exe

    • Size

      94KB

    • MD5

      9a4cc0d8e7007f7ef20ca585324e0739

    • SHA1

      f3e5a2e477cac4bab85940a2158eed78f2d74441

    • SHA256

      040d121a3179f49cd3f33f4bc998bc8f78b7f560bfd93f279224d69e76a06e92

    • SHA512

      54636a48141804112f5b4f2fc70cb7c959a041e5743aeedb5184091b51daa1d1a03f0016e8299c0d56d924c6c8ae585e4fc864021081ffdf1e6f3eab11dd43b3

    • SSDEEP

      1536:9M/AhIxHHWMpdPa5wiE21M8kJIGFvb1Cwn/ZDs5yf:9M4SwMpdCq/IM8uIGfV/ZDso

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks