Overview

overview

10

Static

static

1

winprofile

windows7-x64

3

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ab9a4daee46ae19fe1c2e4b874246275ec129216f3b6bda73e21f5bcebb0300b

  • Size

    1.2MB

  • Sample

    240422-gf8tcsge45

  • MD5

    8cb7db15a004f0aff7a13fe6cc9763b2

  • SHA1

    464b2e63948ae75eb7506844d42440994b07c3b3

  • SHA256

    ab9a4daee46ae19fe1c2e4b874246275ec129216f3b6bda73e21f5bcebb0300b

  • SHA512

    bfe3b40d0c92993484fbd994c8738daec4adf1408608368381fd3cc294247b9f0b44a3bd9e99438121814666fde9114e2c2547da28f97773e848407f3b89ca5e

  • SSDEEP

    24576:bu255/64fZGpA+9176wxT6OxvDI8D92/pzk1lf:v5vZGpA+917/JDp52/pAzf

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://alcojoldwograpciw.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      ab9a4daee46ae19fe1c2e4b874246275ec129216f3b6bda73e21f5bcebb0300b

    • Size

      1.2MB

    • MD5

      8cb7db15a004f0aff7a13fe6cc9763b2

    • SHA1

      464b2e63948ae75eb7506844d42440994b07c3b3

    • SHA256

      ab9a4daee46ae19fe1c2e4b874246275ec129216f3b6bda73e21f5bcebb0300b

    • SHA512

      bfe3b40d0c92993484fbd994c8738daec4adf1408608368381fd3cc294247b9f0b44a3bd9e99438121814666fde9114e2c2547da28f97773e848407f3b89ca5e

    • SSDEEP

      24576:bu255/64fZGpA+9176wxT6OxvDI8D92/pzk1lf:v5vZGpA+917/JDp52/pAzf

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks