General

  • Target

    [VistaCreate] Promotional Materials (2024).7z

  • Size

    15.0MB

  • Sample

    240427-mnp9wagg44

  • MD5

    b481e50b6bc0d2e8adf7ff171d4dd13b

  • SHA1

    64334d4b5b6d8f9f69399ac0df58802bae1a2ea3

  • SHA256

    985ec50111ce2bdd7d35e80e1591d0098bb3f4ef35ac0e5574f80ef94866a707

  • SHA512

    edf97930561cf38639e9d15b2318aa8198bd5a379129bf08613b493e9055a99df02c0a5ed7864aacdad8a90da369b3c9781d0d4959264b25289b99ca25da6498

  • SSDEEP

    393216:5AymEUIDvlrP2mzqHYaJ5v81RvN+Czo5vA//j1fn4VP83luZ:5XUIblrOk1RoV8f4VP838

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      [VistaCreate] Promotional Materials (2024).7z

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
