lumma | hxxps://www[.]mediafire[.]com/folder/a5rrxy5i7xgq7/ROBLOXHACK | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows10-2004-x64

Sharing

General

Target

https://www.mediafire.com/folder/a5rrxy5i7xgq7/ROBLOXHACK
Sample

240527-dx3rwsee2w

Score

10^/10

lumma redline infostealer stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://www.mediafire.com/folder/a5rrxy5i7xgq7/ROBLOXHACK

Resource

win10v2004-20240226-en

lumma redline infostealer stealer

windows10-2004-x64

9 signatures

300 seconds

Malware Config

Extracted

Family

lumma

C2

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://femininiespywageg.shop/api

https://employhabragaomlsp.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api

Targets

- Target
  
  https://www.mediafire.com/folder/a5rrxy5i7xgq7/ROBLOXHACK
Score

10^/10

lumma redline infostealer stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

urlscan1

behavioral1

lummaredlineinfostealerstealer

© 2018-2024

Terms | Privacy