General

  • Target

    0420f3de9c41d13a93a9f9a653459db326cd7eae7d1469e2de82918913978a95

  • Size

    5.6MB

  • Sample

    240504-1713dagc49

  • MD5

    95159b0b60b909b9226bf9cd329c1047

  • SHA1

    db95b7c621f1279e94ecdddd8bc451880250f41e

  • SHA256

    0420f3de9c41d13a93a9f9a653459db326cd7eae7d1469e2de82918913978a95

  • SHA512

    0fdc42c64bc1a9ea9e4ac1d5211fda8f5bc82998e06ca38e2c8ca20fe575e9cf1531fb7e24072956faacf2795edf74b477f83bb5e60071e65a5e9a8d46de8a2c

  • SSDEEP

    49152:nhtwW2YcBsysyY3utH3SRh2wyP0B9RVnF+vLbkaGYEQ633qSbmqjo5EJjDWI2vin:nL7cS19ug7McRVcndjEwC8n

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
