General

  • Target

    roblox executor.exe

  • Size

    608KB

  • Sample

    240525-nkn33sfb88

  • MD5

    3aadab23a935174d2dc8c7fd7521ae15

  • SHA1

    a448e2ab05adfbab8b20d795d6c6c402b6813422

  • SHA256

    19cdd9ecb2422750ed64d6be420d725d85117b9b896173a0df54afeab7b9af7d

  • SHA512

    f8e20b106c4a658544e7fff4663f485c295f6a1a8fb825cb12b0bf1be040b3ada43846d7a4768d6aad6f1b9036074854b6a94185e99e65c09a1415ac425fac00

  • SSDEEP

    12288:bi9vo5iJA8ANFmaXjdmXBBI3qt4ovxONhcZK/:sAzNFmaXpmXc3qtBvKaZK

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      roblox executor.exe

    • Size

      608KB

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
