Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e

  • Size

    379KB

  • Sample

    240422-eygrgsfd45

  • MD5

    9790c399853d9ef03690418fb95b3558

  • SHA1

    5ce690e25b22ee075b683fa60f7daa30633ca4d9

  • SHA256

    894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e

  • SHA512

    62f8b9bf8d77acfa85685c3ed9eadfafa2c146ceba720e63e140fd220bba2925b09938fbca7041ff7cf38cdfc83fe67c7d4af5261448c1796c5d7dce66e1b278

  • SSDEEP

    6144:pPuhbc37AwINjRVzHuJoDj+d+kDc9+plyxPwCIOOc/7q1Nw:pcbeAlZRVgoDjI+Dulxm5zUi

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://strollheavengwu.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e

    • Size

      379KB

    • MD5

      9790c399853d9ef03690418fb95b3558

    • SHA1

      5ce690e25b22ee075b683fa60f7daa30633ca4d9

    • SHA256

      894a0fcc9bf75586a8e5926c6f77a46891480cbbbaa8a9e5a68c7b85a100934e

    • SHA512

      62f8b9bf8d77acfa85685c3ed9eadfafa2c146ceba720e63e140fd220bba2925b09938fbca7041ff7cf38cdfc83fe67c7d4af5261448c1796c5d7dce66e1b278

    • SSDEEP

      6144:pPuhbc37AwINjRVzHuJoDj+d+kDc9+plyxPwCIOOc/7q1Nw:pcbeAlZRVgoDjI+Dulxm5zUi

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks