General

  • Target

    Insomnia.exe

  • Size

    533KB

  • Sample

    240524-wja4tsea2t

  • MD5

    03a847ab7c37c2afc5153913ff897be3

  • SHA1

    e9a9b56bb97a039a6063c7b70d398bf2f0038072

  • SHA256

    67fcab0ea895e69d884bf283088d75a4051062b3c5c028325042fe2d13af52d8

  • SHA512

    ee7750ce6c2497eced516b094e61ff05497bbefb83efaa6fb172e9e02ccc475ad9fbf0f04009921b9e0db538d7a511c7884174955c207292aae0ccc72e8a8791

  • SSDEEP

    12288:RxYEZoQZq11WygpAKRcT3hUVwabQIP+P0Xp:RxY0Zq1KRW3hUuan

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      Insomnia.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
