lumma | 2d27d929651f167d690fa610fa8fbcfb33d0d30ebc158ef50a8bc62000270ca7 | Triage

Sharing

General

Target

Executor(1).zip
Size

17.4MB
Sample

240423-xfw3kaag9x
MD5

1dbdc2d973bb635af23dce2b3508b4b2
SHA1

5ac7a01ad84a289d11703915d3de46523e5c5f23
SHA256

2d27d929651f167d690fa610fa8fbcfb33d0d30ebc158ef50a8bc62000270ca7
SHA512

7cfcd53812753bc666a102248349c1b9b865ae5ec126da346c4c63a64a2e7ba4f4cc3beef8584c848f55be7d9516b1af9756c6c6cf8eebcaa5ed2d68088f315b
SSDEEP

393216:ASF3DRs2CI7Ba2YdSo0y8iigVfwj7QVAmFGro0y8i7X:ASpDR62Yd0ii3EVAmArij

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

- Target
  
  Executor/Injector.exe
- Size
  
  1.2MB
- MD5
  
  9d6470e951494e2195189b03bf47c9c2
- SHA1
  
  f99012e40e258b79f7b97b9efe91e7f01d93d5be
- SHA256
  
  2c9f5f678d8c8448cab83d4a855100b347ce50ac7d495a156b72edf81389cc9a
- SHA512
  
  fbe68915cd1445050a5e2450455425f66ad7cc1622eeb38a0a77f964af8c2c1008746dc12cc13b0339ec6a301a59f8edc6465c030f6b3eead2c038cbf1ed725d
- SSDEEP
  
  24576:isMl5IXhqt4J3jo09c2ga8eFUJspf8fVuYX560FCX:ifTt4J3jo0M1sd8fRJVY
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2