lumma | fd2faf499551738ed7da833d7382548b6a788d2f6ddf94a4dfb6cc70eb1e0afe | Triage

Sharing

General

Target

8e343aae11e8873b14002495e6c84720_NeikiAnalytics
Size

1.2MB
Sample

240516-d48aysaf73
MD5

8e343aae11e8873b14002495e6c84720
SHA1

a2fd3a0932baba0327836ce8edb4a855c36166fa
SHA256

fd2faf499551738ed7da833d7382548b6a788d2f6ddf94a4dfb6cc70eb1e0afe
SHA512

4552f665e12f7ae5cfa6d7b3443cf34eded1eb9cdb5cfa1a8d17918a5ded45206d087ceb1c42980a639cc30fe9feb48e7253aa3b1db81ed96c9b531306fa7557
SSDEEP

24576:vVHdi4bCwqF6aVVrA9t+mMs6YQwDCIYqnhjZ7khiMsKs:vV9IF6aVVrAympFnhFcvs

Score

10^/10

lumma stealer

Malware Config

Extracted

Family

lumma

C2

https://stiffraspyofkwsl.shop/api

https://acceptabledcooeprs.shop/api

https://obsceneclassyjuwks.shop/api

https://zippyfinickysofwps.shop/api

https://miniaturefinerninewjs.shop/api

https://plaintediousidowsko.shop/api

https://sweetsquarediaslw.shop/api

https://holicisticscrarws.shop/api

https://boredimperissvieos.shop/api

Targets

- Target
  
  8e343aae11e8873b14002495e6c84720_NeikiAnalytics
- Size
  
  1.2MB
- MD5
  
  8e343aae11e8873b14002495e6c84720
- SHA1
  
  a2fd3a0932baba0327836ce8edb4a855c36166fa
- SHA256
  
  fd2faf499551738ed7da833d7382548b6a788d2f6ddf94a4dfb6cc70eb1e0afe
- SHA512
  
  4552f665e12f7ae5cfa6d7b3443cf34eded1eb9cdb5cfa1a8d17918a5ded45206d087ceb1c42980a639cc30fe9feb48e7253aa3b1db81ed96c9b531306fa7557
- SSDEEP
  
  24576:vVHdi4bCwqF6aVVrA9t+mMs6YQwDCIYqnhjZ7khiMsKs:vV9IF6aVVrAympFnhFcvs
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2