Overview

overview

10

Static

static

3

tmp.exe

windows7-x64

1

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    478KB

  • Sample

    240428-fmzctsgf56

  • MD5

    b3487e31f2f1fe5c761d63cc3bac5000

  • SHA1

    1d60084d6713d0574244d291fee586f663079e41

  • SHA256

    491d7b93c49438ac2b97e8ad343b99abbcc3536d9d32de6972ff64a7ec32f858

  • SHA512

    587ad89b74e83d657d13a280b713330686be6e82c74f42b0f318d38b4abe833689d7b542ba577f6be0242b7d63f8b4bdf4e79ac7edbcbc329f618365e1b3751c

  • SSDEEP

    12288:Sk8jfo4Q3OV75FkRIp35B/j5XfZzJqMnjP:mDUqFzjlfWMjP

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://alcojoldwograpciw.shop/api

https://productivelookewr.shop/api

https://tolerateilusidjukl.shop/api

https://shatterbreathepsw.shop/api

https://shortsvelventysjo.shop/api

https://incredibleextedwj.shop/api

https://liabilitynighstjsko.shop/api

https://demonstationfukewko.shop/api

Targets

    • Target

      tmp

    • Size

      478KB

    • MD5

      b3487e31f2f1fe5c761d63cc3bac5000

    • SHA1

      1d60084d6713d0574244d291fee586f663079e41

    • SHA256

      491d7b93c49438ac2b97e8ad343b99abbcc3536d9d32de6972ff64a7ec32f858

    • SHA512

      587ad89b74e83d657d13a280b713330686be6e82c74f42b0f318d38b4abe833689d7b542ba577f6be0242b7d63f8b4bdf4e79ac7edbcbc329f618365e1b3751c

    • SSDEEP

      12288:Sk8jfo4Q3OV75FkRIp35B/j5XfZzJqMnjP:mDUqFzjlfWMjP

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks