General

  • Target

    2024-05inv-pfd-rechnung04.exe

  • Size

    105.8MB

  • Sample

    240528-rxgrbahb2z

  • MD5

    94f246c91cf76c3f6dea26b722d1d497

  • SHA1

    5855634bffbdb5a503779b71f1e531d5de9c0eae

  • SHA256

    54d129639cca374978b26da3d2088b41ae2c21f371639405cc35a403bf088e8b

  • SHA512

    c452db15f3d9b5b2ccc6d7a0b18bde0b7b7f9de0b4b64e71b4aa74fb7d7bd4505a2ec25f46e8f870a78a258e52a819e86c1bdadb60a6f1ddfcce441aeae72d86

  • SSDEEP

    98304:fhPIPLKJhDICNLcahzCR0ZyLwMrnsNe/PNmDUMw/cz68rXfMiTgakEHXtPfY7ygU:hphzsSwT/PIrXfMiTHd3K7ygU

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://deprivedrinkyfaiir.shop/api

https://horsedwollfedrwos.shop/api

https://patternapplauderw.shop/api

https://understanndtytonyguw.shop/api

https://considerrycurrentyws.shop/api

https://messtimetabledkolvk.shop/api

https://detailbaconroollyws.shop/api

https://relaxtionflouwerwi.shop/api

Targets

    • Target

      2024-05inv-pfd-rechnung04.exe

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks