General

  • Target

    b411fa289b897c774560292abcf7c298e29e1b9b8243357b1cc7d25a28622739.exe

  • Size

    25.4MB

  • Sample

    240423-b5hetabb72

  • MD5

    913b4744fbcd88cbc9ba44808a835a91

  • SHA1

    d5cb6cbe5d4ad8b20a351080a6bc8e85fa72a64e

  • SHA256

    b411fa289b897c774560292abcf7c298e29e1b9b8243357b1cc7d25a28622739

  • SHA512

    ab0c1ec3840947262d4825bbc1cb1f0f056fceda99d7886ce7f83c432faf91a89e17f81e21132a9f997a895c0dd3cdb3d987b47608020cb1260657d782847863

  • SSDEEP

    12288:5R5ouJIVQhcEWuDG6X/ob2qlTIiw/TmQxFZpC:dnJIG2EFlf09GTmYvC

Score: 10/10

Malware Config

Extracted

  • Family

    lumma

  • C2

    https://productivelookewr.shop/api
    https://tolerateilusidjukl.shop/api
    https://shatterbreathepsw.shop/api
    https://shortsvelventysjo.shop/api
    https://incredibleextedwj.shop/api
    https://alcojoldwograpciw.shop/api
    https://liabilitynighstjsko.shop/api
    https://demonstationfukewko.shop/api

Targets

    • Target

      b411fa289b897c774560292abcf7c298e29e1b9b8243357b1cc7d25a28622739.exe

    • Size

      25.4MB

    • MD5

      913b4744fbcd88cbc9ba44808a835a91

    • SHA1

      d5cb6cbe5d4ad8b20a351080a6bc8e85fa72a64e

    • SHA256

      b411fa289b897c774560292abcf7c298e29e1b9b8243357b1cc7d25a28622739

    • SHA512

      ab0c1ec3840947262d4825bbc1cb1f0f056fceda99d7886ce7f83c432faf91a89e17f81e21132a9f997a895c0dd3cdb3d987b47608020cb1260657d782847863

    • SSDEEP

      12288:5R5ouJIVQhcEWuDG6X/ob2qlTIiw/TmQxFZpC:dnJIG2EFlf09GTmYvC

    Score: 10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks