Overview

overview

10

Static

static

1

@#!Open_Ma...up.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    @#!Open_MainFile_6788_Pa$ṣW0rD%$.7z

  • Size

    2.5MB

  • Sample

    240420-zzzznsae7y

  • MD5

    52a79e5f907d1ba0d30c5a8d80496253

  • SHA1

    13551f6a6bf89e9b5f8291418cf00f1173d29be7

  • SHA256

    df0ca3b7f2ed283d0cdd9d23c2950283df06e16ddb779d14f8312989da7fe721

  • SHA512

    913b3b670178e9c0381b53450c30b0c95be5174c7e5bf671bb6ec2554e5776aad2ddd36cf1e5c4e4ef5eb07e5aaa18b2b5cfc52c2f22081a88f7f15fe7f66e0f

  • SSDEEP

    49152:+mvjncv9+RLeZwO7ModMsLmFmopv2skdn70oFL8xdF5cJ:+TQPgLmpOskdn40LgyJ

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://harassretunrstiwo.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      @#!Open_MainFile_6788_Pa$ṣW0rD%$/Setup.exe

    • Size

      94KB

    • MD5

      9a4cc0d8e7007f7ef20ca585324e0739

    • SHA1

      f3e5a2e477cac4bab85940a2158eed78f2d74441

    • SHA256

      040d121a3179f49cd3f33f4bc998bc8f78b7f560bfd93f279224d69e76a06e92

    • SHA512

      54636a48141804112f5b4f2fc70cb7c959a041e5743aeedb5184091b51daa1d1a03f0016e8299c0d56d924c6c8ae585e4fc864021081ffdf1e6f3eab11dd43b3

    • SSDEEP

      1536:9M/AhIxHHWMpdPa5wiE21M8kJIGFvb1Cwn/ZDs5yf:9M4SwMpdCq/IM8uIGfV/ZDso

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix

Tasks