General

  • Target

    https://github.com/hillsfann/Eulen_Modmenu/raw/main/Loader.exe

  • Sample

    240526-ybd7maab93

Score
10/10

Malware Config

  • Extracted

    Family
      lumma

    C2
      https://cleartotalfisherwo.shop/api
      https://worryfillvolcawoi.shop/api
      https://enthusiasimtitleow.shop/api
      https://dismissalcylinderhostw.shop/api
      https://affordcharmcropwo.shop/api
      https://diskretainvigorousiw.shop/api
      https://communicationgenerwo.shop/api
      https://pillowbrocccolipe.shop/api

Targets

    • Target

      https://github.com/hillsfann/Eulen_Modmenu/raw/main/Loader.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks