lumma | 1dae2f77f68cd904437938939b9f20e92bef43e54b0886a4b13efd8599d8e2c7 | Triage

Submit
Reports

Overview

overview

Static

static

3

Hamster Co...ot.exe

windows10-2004-x64

Resubmissions

28-05-2024 19:09

240528-xt8crahe76 10

28-05-2024 18:35

240528-w8gmxage52 3

Sharing

General

Target

Hamster_bot.zip
Size

41.9MB
Sample

240528-xt8crahe76
MD5

c1f6b3778981f9f78db7cd981834cdd6
SHA1

88acec27ab77872472c2849cb38e603c7cfef8c3
SHA256

1dae2f77f68cd904437938939b9f20e92bef43e54b0886a4b13efd8599d8e2c7
SHA512

9c7f4aebfbfa9904c8ba339f247238d8dec2c03f61e757ca7fe1a9fa11a77feb82db5f3a9206e0fb8677627b3331e81a4b5c4a72572cf518765267aa0c3f87e3
SSDEEP

786432:Xj5k57drXaMmPXikbH+Uus78+Xz0ngxWeI1Rl5GowHWQ1YvwZMcUVv1m:Xj5kNxaMtkbeUus7Nbgrl5GtKALUVvo

Score

10^/10

lumma pyinstaller stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Hamster Combat Bot.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
146.19.207.14
Port:
21
Username:
anonymous
Password:
anonymous@

Extracted

Family

lumma

C2

https://varianntyfeecterd.shop/api

https://horsedwollfedrwos.shop/api

https://patternapplauderw.shop/api

https://understanndtytonyguw.shop/api

https://considerrycurrentyws.shop/api

https://messtimetabledkolvk.shop/api

https://detailbaconroollyws.shop/api

https://deprivedrinkyfaiir.shop/api

https://relaxtionflouwerwi.shop/api

Targets

- Target
  
  Hamster Combat Bot.exe
- Size
  
  6.0MB
- MD5
  
  e4b54540b9179f0e0a33c0f2ceda41f9
- SHA1
  
  17188578cea65d937f53ad8613169ef9cf57d234
- SHA256
  
  b245e96d0038864a580de095bc6280d512482bf5f562737becf725f78220492b
- SHA512
  
  9b08a555e194edb4cd5a536cf85aef9623bc8b9892bc2ccfb2e757593e86ecc66e884884aaf2ce5b2bf49ff866ad72656908d33c762a01737330e6c18ae2bc7f
- SSDEEP
  
  196608:Lhj8W8xzimuukA7cfDCUWOWXSaioVAxUfcOd7:qcbmOWYoS2fFd
Score

10^/10

lumma stealer
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy