lumma | f3fdf6767230e2ed451062ed1469c244ce983f6eb08cb3d5d47c2c4325c18eca | Triage

Submit
Reports

Overview

overview

Static

static

1

!@!Active_...up.exe

windows10-2004-x64

Sharing

General

Target

!@!Active_$etUp_2024_pAs$W0rd (2).7z
Size

2.4MB
Sample

240420-zyl2esae4w
MD5

6eb900e41fd38341634ea4d5caffffb9
SHA1

5b433ee00cfbe835b531706bac2fddc00c00eedb
SHA256

f3fdf6767230e2ed451062ed1469c244ce983f6eb08cb3d5d47c2c4325c18eca
SHA512

ddfcd08a681cbf4544efdaa3879d616b6c4c2ce87e4eabef59506443a3b44cc47f913798bd513960f565408da8dbc6c464c75308489b6ea50608c7faf376f380
SSDEEP

49152:C5gNw0CHAIoEyaM4SWLSi6u46HFqw+wDXn/FI3pnsyi2cG8n/0HhZpp1A02Bm2i:C2ZFhNASWLSi6SFq3wj6di2b8s5bWfi

Score

10^/10

lumma stealer

Static task

static1

Behavioral task

behavioral1

Sample

!@!Active_$etUp_2024_pAs$W0rd/Setup.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://harassretunrstiwo.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

- Target
  
  !@!Active_$etUp_2024_pAs$W0rd/Setup.exe
- Size
  
  94KB
- MD5
  
  9a4cc0d8e7007f7ef20ca585324e0739
- SHA1
  
  f3e5a2e477cac4bab85940a2158eed78f2d74441
- SHA256
  
  040d121a3179f49cd3f33f4bc998bc8f78b7f560bfd93f279224d69e76a06e92
- SHA512
  
  54636a48141804112f5b4f2fc70cb7c959a041e5743aeedb5184091b51daa1d1a03f0016e8299c0d56d924c6c8ae585e4fc864021081ffdf1e6f3eab11dd43b3
- SSDEEP
  
  1536:9M/AhIxHHWMpdPa5wiE21M8kJIGFvb1Cwn/ZDs5yf:9M4SwMpdCq/IM8uIGfV/ZDso
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy