Static task
static1
URLScan task
urlscan1
Malware Config
Extracted
Family
lumma
C2
Targets
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext