lumma | 85a0c372af048319fbfc8b65770508df7caca682338577534d5c03e17877d8c6 | Triage

Submit
Reports

Overview

overview

Static

static

3

#Néw_FɨL...up.exe

windows10-2004-x64

Sharing

General

Target

#Néw_FɨLé-!PằŜSwṟd--24819.7z
Size

10.8MB
Sample

240420-zznlmsaa22
MD5

03acf475a7dc6ff86189838a23212271
SHA1

dcd6ea1d10967e2aef9390cfa5e692f114efbc2f
SHA256

85a0c372af048319fbfc8b65770508df7caca682338577534d5c03e17877d8c6
SHA512

b2a74bedef3ed49097056e3b6a0679750dccb2aa39770695e750ff3eaf75550af3792e37a6223080e4682be10af0a904f54d69c8943fd6bad5d6f9763c9ab7c1
SSDEEP

196608:eIFP1lbh4y2WroEKO+NLYVO4wHuKEdH7bFPfnNbJPDIiO1:h7v2W0D1Y0H7qRPlbJLI1

Score

10^/10

lumma stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

#Néw_FɨLé-!PằŜSwṟd--24819/Setup.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

lumma

C2

https://preachbusstyoiwo.shop/api

https://entitlementappwo.shop/api

https://economicscreateojsu.shop/api

https://pushjellysingeywus.shop/api

https://absentconvicsjawun.shop/api

https://suitcaseacanehalk.shop/api

https://bordersoarmanusjuw.shop/api

https://mealplayerpreceodsju.shop/api

https://wifeplasterbakewis.shop/api

Targets

- Target
  
  #Néw_FɨLé-!PằŜSwṟd--24819/Setup.exe
- Size
  
  2.4MB
- MD5
  
  9fb4770ced09aae3b437c1c6eb6d7334
- SHA1
  
  fe54b31b0db8665aa5b22bed147e8295afc88a03
- SHA256
  
  a05b592a971fe5011554013bcfe9a4aaf9cfc633bdd1fe3a8197f213d557b8d3
- SHA512
  
  140fee6daf23fe8b7e441b3b4de83554af804f00ecedc421907a385ac79a63164bd9f28b4be061c2ea2262755d85e14d3a8e7dc910547837b664d78d93667256
- SSDEEP
  
  49152:Y8UMSn5cV2N9LNwtQ5gRR+moI1axGbYj6QAl4ImDkg7d5lROCDG5yzlC97W+uJUM:QMS5hN9OtQ5gRjoI8xGbYj6QAl4gg7dF
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy