Overview

overview

10

Static

static

3

Raysen hack v5.16.exe

windows7-x64

3

Raysen hack v5.16.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Raysen hack v5.16.exe

  • Size

    1.2MB

  • Sample

    240424-sq511acc9w

  • MD5

    af5a4e397ac90ccf21d63bf97cc29e24

  • SHA1

    371dc0c32151797d95b33050d782b12fcec9957f

  • SHA256

    c72cf415a94408081bba0852edd261aa2fde4928f7f1369dd80584ca029adf71

  • SHA512

    22ae17a1bd1a6bbcca497e662a92be95a06a3161760856e28e1fba9b09959bf4109e0ba50ecb1353d16e5bac7fb300927f7c84c137e747136afbf5feae4d8b0f

  • SSDEEP

    24576:XXlVZ9EuUFpJQ5MbK3yPXa7RRUljiUe/MLmhzj/:XVwFpJQ5Mby0zwMy

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://alcojoldwograpciw.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      Raysen hack v5.16.exe

    • Size

      1.2MB

    • MD5

      af5a4e397ac90ccf21d63bf97cc29e24

    • SHA1

      371dc0c32151797d95b33050d782b12fcec9957f

    • SHA256

      c72cf415a94408081bba0852edd261aa2fde4928f7f1369dd80584ca029adf71

    • SHA512

      22ae17a1bd1a6bbcca497e662a92be95a06a3161760856e28e1fba9b09959bf4109e0ba50ecb1353d16e5bac7fb300927f7c84c137e747136afbf5feae4d8b0f

    • SSDEEP

      24576:XXlVZ9EuUFpJQ5MbK3yPXa7RRUljiUe/MLmhzj/:XVwFpJQ5Mby0zwMy

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks