Resubmissions

23-05-2024 18:25

240523-w2k2rabg4y 3

23-05-2024 18:23

240523-w1f2eabf9x 10

General

  • Target

    BOT.zip

  • Size

    15.7MB

  • Sample

    240523-w1f2eabf9x

  • MD5

    f36674b777b552220e8351d9c8b8b807

  • SHA1

    b0a890664a0f671803309d26ba9719193b72f5a2

  • SHA256

    7385878adbc119a11872e8ffe418c67879df54298c94107b626f60a462903f4f

  • SHA512

    c93156565e7bb28c298113b0e920f7ea262b592318f5c2388319e6b1f65fcca665876f53f4a11e2d388012e0c1e215b78c13ff13781ed2a2185e9e48e11480d0

  • SSDEEP

    393216:tYMpItVO6ifKCpMGcy3t61lxpQSRcpSnK8WXkpI3sOFiMvZ:tYMpIbO60Ky34zpmpEZI3jF/Z

  • Score

    10/10

Malware Config

Extracted

Family

lumma

C2

https://chunkylopsidedwos.shop/api

https://acceptabledcooeprs.shop/api

https://obsceneclassyjuwks.shop/api

https://zippyfinickysofwps.shop/api

https://miniaturefinerninewjs.shop/api

https://plaintediousidowsko.shop/api

https://sweetsquarediaslw.shop/api

https://holicisticscrarws.shop/api

https://boredimperissvieos.shop/api

Targets

    • Target

      bot/bot.exe

    • Size

      462KB

    • MD5

      b2ebffa185fd884b6c5b5ac5fdf0d1f9

    • SHA1

      cf43cd203b3e68afd34f365c5d9e0a518b772ad5

    • SHA256

      d7d6b4b6c1ba7ae8f2080167b80e6a8e3f73a3ca032b99be8449c3086ba7a8d6

    • SHA512

      36fa92051293dd135c856665ecd26e51d300a9ded0a6ef5bb7b413456e867f5ab36595ef4afe524030f398ae62dbf563c53a4a316786fc8ef69366ec79562515

    • SSDEEP

      12288:I3/SNR/DwobrGEGRW6QZpNCpIa4cHDKU:I63ZrBAzoaph4ce

    • Score

      10/10

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks