General

  • Target

    7eb9327b1e9279bd1555a58930fe5bc72c729a06b155154aa733a89dc2a6ac31

  • Size

    5.5MB

  • Sample

    240429-ewcdzsac4y

  • MD5

    a67cd87428bf619be94c8cee14d4d9bb

  • SHA1

    32010ff46d32e8b8f01a3d2dd71412f949468182

  • SHA256

    7eb9327b1e9279bd1555a58930fe5bc72c729a06b155154aa733a89dc2a6ac31

  • SHA512

    d69202a32627e4a39893a08e354e28dece52f5e1f60ce6df604fe02bb3edb64ca4a8892485810c0ee0b44bf03e8e9d0a3bc104b0b1968cd094babad7c4007d20

  • SSDEEP

    98304:NltcgWr7Ifr2MjConjFpWImrFiHJwz2XEqVeDPA+ZDOwvgx8:1EIfr2gnjvkCKz2UqSNOwvgx

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      7eb9327b1e9279bd1555a58930fe5bc72c729a06b155154aa733a89dc2a6ac31

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
