Analysis

  • max time kernel
    129s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-05-2024 15:11

General

  • Target

    236732ce453b741f26e2fb94d54ade44d3d1ae332c52f6d420a1dcc1c8d05dd5.exe

  • Size

    694KB

  • MD5

    c8032b42738527a70de1dadc4a7bff5b

  • SHA1

    f5f778df15d4e14503bea0f654cf9427ba050a38

  • SHA256

    236732ce453b741f26e2fb94d54ade44d3d1ae332c52f6d420a1dcc1c8d05dd5

  • SHA512

    babddfaac51c11952a79047852b01c499075acfe24e91dac46a5c590a31be1e4e71df5b1daf27254d9d608fa7345839790f8a550e04392de7f625c5d6b22a97d

  • SSDEEP

    12288:OO0Jg3ZJ7hWFArUqHsjumNFcF9gopM3bcgsqV5P3JkTC:OJJU7hWFuHyumzcCLUqV5v0

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cleartotalfisherwo.shop/api

https://worryfillvolcawoi.shop/api

https://enthusiasimtitleow.shop/api

https://dismissalcylinderhostw.shop/api

https://affordcharmcropwo.shop/api

https://diskretainvigorousiw.shop/api

https://communicationgenerwo.shop/api

https://pillowbrocccolipe.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

Processes

  • C:\Users\Admin\AppData\Local\Temp\236732ce453b741f26e2fb94d54ade44d3d1ae332c52f6d420a1dcc1c8d05dd5.exe
    "C:\Users\Admin\AppData\Local\Temp\236732ce453b741f26e2fb94d54ade44d3d1ae332c52f6d420a1dcc1c8d05dd5.exe"
    1⤵
      PID:1428

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1428-0-0x00000000008E0000-0x000000000092D000-memory.dmp

      Filesize

      308KB

    • memory/1428-6-0x0000000000B40000-0x0000000000B41000-memory.dmp

      Filesize

      4KB

    • memory/1428-5-0x0000000000B40000-0x0000000000B41000-memory.dmp

      Filesize

      4KB

    • memory/1428-7-0x0000000000B40000-0x0000000000B41000-memory.dmp

      Filesize

      4KB

    • memory/1428-9-0x0000000000B40000-0x0000000000B41000-memory.dmp

      Filesize

      4KB

    • memory/1428-8-0x0000000000B40000-0x0000000000B41000-memory.dmp

      Filesize

      4KB

    • memory/1428-10-0x00000000008E0000-0x000000000092D000-memory.dmp

      Filesize

      308KB