General

  • Target

    Setup_v1.7.3.exe

  • Size

    5.6MB

  • Sample

    240526-ac2sbagb24

  • MD5

    72464ca47667df3dccdc606efec46c33

  • SHA1

    889a5e09e67518edbc60f494b326f077dfa42cb4

  • SHA256

    81a6a19974fb4f83ea650091e460b0aba2495df12466c91f479948c949472b2b

  • SHA512

    0984a3a05471cc030a6ad1bc27a7a3c2ca9c49463037d1eb1db8c2ecf26109ae3be0b978fb9cfeafb91884d5586187bf6df266d287982fdc008e1084cd91d0e7

  • SSDEEP

    98304:v6RgbUtwhPNKXfSJqqmy+P3XTpse8/rWPK/9/wU:CROyP3XVsekyK/9/wU

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      Setup_v1.7.3.exe
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks