General
-
Target
https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbkwtNlY5bm1CM2taWEl0VG1uVUN3ekFZNC15QXxBQ3Jtc0tualY5WWFpV0tYTHFUTWxjQmJNR0szbWtSU2NueVE4aGtIZTBTaS12Vk9xWmZBbkdMM29kalV6VmMydXViX3hKbkEwQ09UVlpNX2xBQlk2bmV4dFlGekpYVFJsR3J1cC1rSFdIM2pMcUROUF9BaWRWOA&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F36culjifmas7b%2FSetup
-
Sample
240425-lxlglshf26
Malware Config
Extracted
lumma
https://productivelookewr.shop/api
https://tolerateilusidjukl.shop/api
https://shatterbreathepsw.shop/api
https://shortsvelventysjo.shop/api
https://incredibleextedwj.shop/api
https://alcojoldwograpciw.shop/api
https://liabilitynighstjsko.shop/api
https://demonstationfukewko.shop/api
Targets
-
-
Target
https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbkwtNlY5bm1CM2taWEl0VG1uVUN3ekFZNC15QXxBQ3Jtc0tualY5WWFpV0tYTHFUTWxjQmJNR0szbWtSU2NueVE4aGtIZTBTaS12Vk9xWmZBbkdMM29kalV6VmMydXViX3hKbkEwQ09UVlpNX2xBQlk2bmV4dFlGekpYVFJsR3J1cC1rSFdIM2pMcUROUF9BaWRWOA&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F36culjifmas7b%2FSetup
Score10/10-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-