General

  • Target

    1b17680574d595b6211da1ca0664113f78cfb0e678c209dd61664d0f99841942.exe

  • Size

    5.5MB

  • Sample

    240426-bebjksgf2z

  • MD5

    c91f9c9ffa73cd9d586d34f73beee0cd

  • SHA1

    0c6c645322b236944142fdffacbb610906177ee3

  • SHA256

    1b17680574d595b6211da1ca0664113f78cfb0e678c209dd61664d0f99841942

  • SHA512

    403eb2e3f09aacbaf06496d8e727d4a1c7d9fbff3b7437e14ab65cd142216189c0eb9d2ddc775f800a678b53ba7948c4704b48cd10de6b04a53d989dbfdc4286

  • SSDEEP

    98304:Guha6IiuJPovwGz5z0TWmakZv/Rjg3ozLRKdcB4S/BDTRm:nIiullGzOTNa+pjg3on0dwnJD9m

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      1b17680574d595b6211da1ca0664113f78cfb0e678c209dd61664d0f99841942.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Detects executables packed with VMProtect.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
