General

  • Target

    MM2script.exe

  • Size

    392KB

  • Sample

    240528-lg8xzafc25

  • MD5

    65685f375ad46858bdfe398c79a24544

  • SHA1

    9c22f77e28f2f034093211f30a75b6ac701b9446

  • SHA256

    2376ebe9c41ec45cbcc0405df2f80e859c567b097ae48b36322cbefb366cf1ae

  • SHA512

    7edf7a8f1401f3962bb03009342e3d29c4c900aae5cf5904acce42c986ab5cb27976e600b207222b70354a9dd9e21a8479474534394132483d5645842339759d

  • SSDEEP

    12288:jvY8MFFvM8DIeDu+lokv6bBoiyCArXWJtEZoZCbKrpYvlo2UxlQD:k8MjED1+Sm6bB

Score
10/10

Malware Config

Extracted

  • Family

    lumma

  • C2

    https://horsedwollfedrwos.shop/api
    https://patternapplauderw.shop/api
    https://understanndtytonyguw.shop/api
    https://considerrycurrentyws.shop/api
    https://messtimetabledkolvk.shop/api
    https://detailbaconroollyws.shop/api
    https://deprivedrinkyfaiir.shop/api
    https://relaxtionflouwerwi.shop/api
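
The eight C2 URLs above are the actionable part of this report. The script below is an added example (not part of the sandbox output) that turns them into a hunt: it normalises the URLs to hostnames, scans proxy and DNS log lines for exact or subdomain hits while rejecting look-alikes such as a C2 name embedded in someone else's domain, and emits one Suricata TLS SNI rule per host. The log lines are constructed for the example; the Squid- and BIND-style layouts, the $HOME_NET/$EXTERNAL_NET variables and the sid range starting at 9000000 are assumptions, not values from the report.

```python
"""Hunt for the Lumma C2 hosts listed in the extracted config.

Added example; the sample log lines below are constructed and the
Suricata sid range is an assumption.
"""
import re
from urllib.parse import urlsplit

# The eight C2 URLs exactly as listed in the extracted configuration.
LUMMA_C2 = [
    "https://horsedwollfedrwos.shop/api",
    "https://patternapplauderw.shop/api",
    "https://understanndtytonyguw.shop/api",
    "https://considerrycurrentyws.shop/api",
    "https://messtimetabledkolvk.shop/api",
    "https://detailbaconroollyws.shop/api",
    "https://deprivedrinkyfaiir.shop/api",
    "https://relaxtionflouwerwi.shop/api",
]

# Anything that looks like a DNS name: dot-joined labels of [a-z0-9-].
# Numeric tokens (IPs, timestamps) also match; they never hit the C2 set.
DOMAIN_RE = re.compile(r"(?<![\w.-])([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?![\w-])",
                       re.IGNORECASE)


def c2_hosts(urls=LUMMA_C2):
    """Lowercase hostnames from the C2 URL list (the /api path is dropped)."""
    return {urlsplit(u).hostname.lower() for u in urls}


def match_host(name, hosts):
    """Return the C2 host that `name` equals or is a subdomain of, else None.

    Suffix matching is anchored on a label boundary, so a look-alike such as
    horsedwollfedrwos.shop.example.net does not match.
    """
    name = name.lower().rstrip(".")
    for h in hosts:
        if name == h or name.endswith("." + h):
            return h
    return None


def sweep(lines, hosts=None):
    """Return (line_index, c2_host) for every log line touching a C2 host."""
    if hosts is None:
        hosts = c2_hosts()
    hits = []
    for i, line in enumerate(lines):
        for name in DOMAIN_RE.findall(line):
            h = match_host(name, hosts)
            if h:
                hits.append((i, h))
                break  # one hit per line is enough
    return hits


def suricata_rules(hosts=None, base_sid=9000000):
    """One TLS SNI rule per C2 host (Suricata 5+ sticky-buffer syntax)."""
    if hosts is None:
        hosts = c2_hosts()
    return [
        'alert tls $HOME_NET any -> $EXTERNAL_NET any '
        f'(msg:"Lumma Stealer C2 SNI {h}"; tls.sni; content:"{h}"; '
        f'nocase; endswith; classtype:trojan-activity; sid:{base_sid + n}; rev:1;)'
        for n, h in enumerate(sorted(hosts))
    ]


# Constructed sample lines: Squid access.log and BIND query-log layouts.
SAMPLE_LOG = [
    "1716900000.123     45 10.0.0.5 TCP_TUNNEL/200 3120 CONNECT horsedwollfedrwos.shop:443 - HIER_DIRECT/203.0.113.10 -",
    "28-May-2024 10:12:01.001 client 10.0.0.5#51234: query: considerrycurrentyws.shop IN A + (10.0.0.53)",
    "1716900001.456     30 10.0.0.7 TCP_TUNNEL/200 4000 CONNECT update.example.com:443 - HIER_DIRECT/203.0.113.20 -",
    "28-May-2024 10:12:02.210 client 10.0.0.9#51240: query: cdn.relaxtionflouwerwi.shop IN A + (10.0.0.53)",
    "28-May-2024 10:12:03.000 client 10.0.0.9#51241: query: horsedwollfedrwos.shop.example.net IN A + (10.0.0.53)",
]

if __name__ == "__main__":
    for idx, host in sweep(SAMPLE_LOG):
        print(f"line {idx}: contact with Lumma C2 {host}")
    print("\n".join(suricata_rules()))
```

Lines 0, 1 and 3 of the constructed log should fire (the third via the cdn. subdomain); the benign CONNECT and the look-alike domain on the last line should not. Feed real proxy, DNS or Zeek logs to sweep() one line at a time; the regex is deliberately format-agnostic so the same function works across sources.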

Targets

    • Target

      MM2script.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
