General

  • Target: ExtraSoft.exe
  • Size: 456KB
  • Sample: 240428-1xsm9aaf3x
  • MD5: 8d01e8e24ed21d1a1b765cb08b124215
  • SHA1: da49674f06b480e2aa3d6b3a24a9aff5fa135ecf
  • SHA256: 7786d7b06711a5522743db153f82a0beb002b8e07f7024270e26e9c85165fbf0
  • SHA512: 0a53f97148cb3a6af941f904fa5dab3277bb82a9c40ab1c0c2fc9977068e8f07a83217d50d4c994404cb65808db325c88ef67e73df930ff534e1b631f11f776a
  • SSDEEP: 12288:4IRTR9mH1W86Ap16AqsTwhQ0Q6ZvRgipF:jFkdKsIQ36ZeuF

Score: 10/10

Malware Config

Extracted

Family: lumma

C2:

  • https://sideindexfollowragelrew.pw/api
  • https://productivelookewr.shop/api
  • https://tolerateilusidjukl.shop/api
  • https://shatterbreathepsw.shop/api
  • https://shortsvelventysjo.shop/api
  • https://incredibleextedwj.shop/api
  • https://alcojoldwograpciw.shop/api
  • https://liabilitynighstjsko.shop/api
  • https://demonstationfukewko.shop/api

Targets

    • Target: ExtraSoft.exe
    • Size: 456KB
    • MD5: 8d01e8e24ed21d1a1b765cb08b124215
    • SHA1: da49674f06b480e2aa3d6b3a24a9aff5fa135ecf
    • SHA256: 7786d7b06711a5522743db153f82a0beb002b8e07f7024270e26e9c85165fbf0
    • SHA512: 0a53f97148cb3a6af941f904fa5dab3277bb82a9c40ab1c0c2fc9977068e8f07a83217d50d4c994404cb65808db325c88ef67e73df930ff534e1b631f11f776a
    • SSDEEP: 12288:4IRTR9mH1W86Ap16AqsTwhQ0Q6ZvRgipF:jFkdKsIQ36ZeuF

    Score: 10/10

    Signatures:

    • Lumma Stealer
      An infostealer written in C++, first seen in August 2022.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks