General

  • Target: @
  • Size: 94KB
  • Sample: 240518-yn1w6adb88
  • MD5: 6353701909e68aa3361789eb2736dc75
  • SHA1: de0f94e68d204e91468c8e978f0c8fc59ff7a89e
  • SHA256: 7ae3058517cfa703ac0a1cd6c7d9dd351cb324eeca24a40293eee56ea8e37e23
  • SHA512: 85ab456b1ad4ff553ac92af9c0d124e293df08c34f0c5626864ddc4203535fabc76b3481118ecf3171215a03fcfee721b6eadb717848e1f770d587735f0fdb2f
  • SSDEEP: 1536:0imh650ZoTgAJuHnjde83Ml83Mn1CyKxzmFMlHxcxl1Ztzw3NPnJW+fkH80r8GB3:0iRgAkHnjP1rcGx4Nm4

Score
10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://distributopsuoprs.shop/api

Targets

    • Target

      @

    • Lumma Stealer: An infostealer written in C++ first seen in August 2022.
    • Downloads MZ/PE file
    • Executes dropped EXE
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
