Analysis
-
max time kernel
92s -
max time network
93s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
14/06/2024, 22:54
General
-
Target
58e65cfde536ec41977603948a4fe9d44e046fd6c0f917b95cc38a0d56254ed6.exe
-
Size
414KB
-
MD5
c559a291d3ea6f2165b35dff4c85bbb0
-
SHA1
db1c6805f32a613c3e1f95d72103221a2bc86b34
-
SHA256
58e65cfde536ec41977603948a4fe9d44e046fd6c0f917b95cc38a0d56254ed6
-
SHA512
2cb8ec8d2c8f448cdef72c775e7c726c1c60e937541a2d8e8b46c7c1c00bfb8f460607cd8d5cb16cf5f91ca2a21720b911c3aeee0848439d4a33ab4e873b231c
-
SSDEEP
6144:RFb1Wyino2otCHKYdtqcyoUjezRbiy7XZsObuWfS7FyCGmkuSvTx:RiymeCHKQeorz1Kv/7FivRx
Malware Config
Extracted
lumma
https://stronggemateraislw.shop/api
https://distincttangyflippan.shop/api
https://macabrecondfucews.shop/api
https://greentastellesqwm.shop/api
https://stickyyummyskiwffe.shop/api
https://sturdyregularrmsnhw.shop/api
https://lamentablegapingkwaq.shop/api
https://innerverdanytiresw.shop/api
https://standingcomperewhitwo.shop/api
Signatures
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\58e65cfde536ec41977603948a4fe9d44e046fd6c0f917b95cc38a0d56254ed6.exe"C:\Users\Admin\AppData\Local\Temp\58e65cfde536ec41977603948a4fe9d44e046fd6c0f917b95cc38a0d56254ed6.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 3882⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2220 -ip 22201⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
320KB
-
Filesize
1024KB
-
Filesize
364KB
-
Filesize
480KB
-
Filesize
320KB
-
Filesize
364KB