General

  • Target

    file

  • Size

    176KB

  • Sample

    240528-sk86gaba66

  • MD5

    14dc49b348c723ba9d33d8bfb984361f

  • SHA1

    2c1813e4112e8eebac8d36eba037a1f4bc4d4582

  • SHA256

    11748328b0e3ceb37dc08a0e840563cd967b89246a6aa31bcb1eebcfe16e68f8

  • SHA512

    d5b6afe14ac8ef59f1bd2f22974961984ae831eba0a4fe3c8d4855e91115e3a732132054c64389de9e9ef1ab7eda5b7eb66608fc696b22f5dfb687e0e856ae4b

  • SSDEEP

    1536:liRSV50ZoTgAJuHnjde83Ml83Mn1CyKBKyf6C9XS6zmFMtMd5/an/Rlb31rDzQeC:limgAkHnjPIQ6KSEX/iHrr4Yc4

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://femininiespywageg.shop/api

https://museumtespaceorsp.shop/api

https://buttockdecarderwiso.shop/api

https://averageaattractiionsl.shop/api

https://employhabragaomlsp.shop/api

https://stalfbaclcalorieeis.shop/api

https://civilianurinedtsraov.shop/api

https://roomabolishsnifftwk.shop/api

Targets

    • Target

      file

    • Size

      176KB

    • MD5

      14dc49b348c723ba9d33d8bfb984361f

    • SHA1

      2c1813e4112e8eebac8d36eba037a1f4bc4d4582

    • SHA256

      11748328b0e3ceb37dc08a0e840563cd967b89246a6aa31bcb1eebcfe16e68f8

    • SHA512

      d5b6afe14ac8ef59f1bd2f22974961984ae831eba0a4fe3c8d4855e91115e3a732132054c64389de9e9ef1ab7eda5b7eb66608fc696b22f5dfb687e0e856ae4b

    • SSDEEP

      1536:liRSV50ZoTgAJuHnjde83Ml83Mn1CyKBKyf6C9XS6zmFMtMd5/an/Rlb31rDzQeC:limgAkHnjPIQ6KSEX/iHrr4Yc4

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks