lumma | 8956f3d2ae97879f67448239db1d47618266afe3133cb5f5e8bbe343a2d47f16

General

Target

Новая папка.zip
Size

3.2MB
Sample

240421-q1zwmacf57
MD5

7cb8264a5efc3bb635b022282a072863
SHA1

426330b12d47b746b36868d52378d76397bc2d95
SHA256

8956f3d2ae97879f67448239db1d47618266afe3133cb5f5e8bbe343a2d47f16
SHA512

4f6891d8319f83b3a750cda2e792c114ea84c617db86af3ab65ce30c9b04db0938ca12859df4605529f37cd812f07841503b1d2d4c1e7ab389babce745bda673
SSDEEP

49152:8RzfUo6kORUEABF0CmtOAoxhy4e49bCVnfCHy4ct7EOSD07gLQMAn:wzfhqUEcXvNbCVnKHy4cRSRg

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://harassretunrstiwo.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

- Target
  
  Setup.exe
- Size
  
  94KB
- MD5
  
  9a4cc0d8e7007f7ef20ca585324e0739
- SHA1
  
  f3e5a2e477cac4bab85940a2158eed78f2d74441
- SHA256
  
  040d121a3179f49cd3f33f4bc998bc8f78b7f560bfd93f279224d69e76a06e92
- SHA512
  
  54636a48141804112f5b4f2fc70cb7c959a041e5743aeedb5184091b51daa1d1a03f0016e8299c0d56d924c6c8ae585e4fc864021081ffdf1e6f3eab11dd43b3
- SSDEEP
  
  1536:9M/AhIxHHWMpdPa5wiE21M8kJIGFvb1Cwn/ZDs5yf:9M4SwMpdCq/IM8uIGfV/ZDso
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  largo.doc
- Size
  
  939KB
- MD5
  
  ff880a45592fc1010f8d50ee28dabe5b
- SHA1
  
  1906c85f9b5d091abaddf2472a9871446682c184
- SHA256
  
  54a00b4bb21043ae1f24d9ace0fd7a3483e498764e3ba221e12c17e3c48c05c3
- SHA512
  
  053e56143e226547db6ece18e6fac82514837f3fd4f9eaa494e8db1b96c26e0dc15785d86e773d98597001667ad2825b9582d35c51d48b8d562b84bc7766832a
- SSDEEP
  
  24576:iOWMpOsVazZmaHxvikhc/iaP9LRs9/5HjT3RhdwgG:isVatmGqkhjC9LqVj7G
Score

1^/10
behavioral3 behavioral4
- Target
  
  nursery.iso
- Size
  
  73KB
- MD5
  
  5a055f819fd0c3454e0d90507dc25257
- SHA1
  
  27e8af7782f080e8ea3c06cb31ddbfa768cb127b
- SHA256
  
  0566fbe3e0e3f35083ebf4304b581e03cf4eccb37da57f7c7a4bdcf6f2e2c3d8
- SHA512
  
  1a48f170895be20d6e4b3eb2c125b404376158f471cb29a2d474824457668dbaa07261049f61cad68fc341fac011e0170e8eb54aae8b10a6456ed6d910a5842d
- SSDEEP
  
  1536:gTOwedCyHeRWsWQTidfGw+hbzr84UPaWPhJgCP:cOwedCy+csmf8NUPhhW+
Score

3^/10
behavioral5 behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

3

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lumma Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6