Overview

overview

10

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    200s
  • max time network
    202s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/06/2024, 00:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc4f0a8e3d12c98eac09a42bd976579ccc1851056d9de447495e8be7519760ed.exe

  • Size

    310KB

  • MD5

    6e3d83935c7a0810f75dfa9badc3f199

  • SHA1

    9f7d7c0ea662bcdca9b0cda928dc339f06ef0730

  • SHA256

    dc4f0a8e3d12c98eac09a42bd976579ccc1851056d9de447495e8be7519760ed

  • SHA512

    9f6b22bc9d0306a69d3c5bab83c7603fa23925c12089f9608772602ab2c4c0908cda2a3d9592fc0fab4aaff209ef41d3e2a931511ce9dfd027691e8dce9ad9b9

  • SSDEEP

    6144:3lGhYe2gss2fHZq4uCDrgcKJCMBus902mdK/WI5O7KKKDi4G:3lGhYHh0CnYZSLP7KKKD1G

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://parallelmercywksoffw.shop/api

https://liabiliytshareodlkv.shop/api

https://notoriousdcellkw.shop/api

https://conferencefreckewl.shop/api

https://flourhishdiscovrw.shop/api

https://landdumpycolorwskfw.shop/api

https://ohfantasyproclaiwlo.shop/api

https://barebrilliancedkoso.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc4f0a8e3d12c98eac09a42bd976579ccc1851056d9de447495e8be7519760ed.exe
    "C:\Users\Admin\AppData\Local\Temp\dc4f0a8e3d12c98eac09a42bd976579ccc1851056d9de447495e8be7519760ed.exe"
    1⤵
      PID:4920

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads