General

  • Target: #!NewFiile_7474_ṔḁṨṨCṏḌḙ$.7z
  • Size: 10.6MB
  • Sample: 240420-zywkvsae5v
  • MD5: 8da41c82a18c1bbfc340ac7a016f1994
  • SHA1: 316be7e5cf1fc88f0429eec522c75bc56635df1e
  • SHA256: 8e6e186ef33495fa843335654f0ce888e59272caa2245eb123afaff3b5c21992
  • SHA512: bc519314cfc5b1842cdf635cd95ad94f060ad03ce558d7d9bd29170d862e0b4f4a24d0e02179a04c68809a683b770446668df37d1a9a53d6d58d93a3ccbb0e03
  • SSDEEP: 196608:4JOwbfgjyffAS6VHJaqWLjkZNwr/NNiGRruLUEM6cFNME6mPiDFoRBP4yuxFtGT:AOws+ffn6xJRCdZNis0+NVj6DFoRBQv4
  • Score: 10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target: #!NewFiile_7474_ṔḁṨṨCṏḌḙ$/Setup.exe
    • Size: 2.4MB
    • MD5: 9fb4770ced09aae3b437c1c6eb6d7334
    • SHA1: fe54b31b0db8665aa5b22bed147e8295afc88a03
    • SHA256: a05b592a971fe5011554013bcfe9a4aaf9cfc633bdd1fe3a8197f213d557b8d3
    • SHA512: 140fee6daf23fe8b7e441b3b4de83554af804f00ecedc421907a385ac79a63164bd9f28b4be061c2ea2262755d85e14d3a8e7dc910547837b664d78d93667256
    • SSDEEP: 49152:Y8UMSn5cV2N9LNwtQ5gRR+moI1axGbYj6QAl4ImDkg7d5lROCDG5yzlC97W+uJUM:QMS5hN9OtQ5gRjoI8xGbYj6QAl4gg7dF
    • Score: 10/10
    • Lumma Stealer: An infostealer written in C++ first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
