Overview

overview

10

Static

static

1

Galaxy Swa....3.exe

windows7-x64

3

Galaxy Swa....3.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Galaxy Swapper v2.0.3.exe

  • Size

    532KB

  • Sample

    240620-p9r2psyejd

  • MD5

    c812ecf0e689b3e85a15d43943f6e077

  • SHA1

    7b39ca11c6144c256f605441477ae49058405ef8

  • SHA256

    4a553b2e2ff7003b55a8923047d2f76cacd258317810b0107004aa7101e0fca2

  • SHA512

    bd2348e1d82fe0fbe2674bbff32e4cad7cf574c7adfd56a94edad9cb61aff8c38bbc72232af4aea5bbc4205a286031a73cdcd386f152dca2d75dd1ad161829ba

  • SSDEEP

    12288:PG0AUBSdefuBqAMF0qBy5Q5SD31MrgEFa1+l1n2EO:PG0AFdeffHPy+SDwLy+lYt

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://injurypiggyoewirog.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://leafcalfconflcitw.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Targets

    • Target

      Galaxy Swapper v2.0.3.exe

    • Size

      532KB

    • MD5

      c812ecf0e689b3e85a15d43943f6e077

    • SHA1

      7b39ca11c6144c256f605441477ae49058405ef8

    • SHA256

      4a553b2e2ff7003b55a8923047d2f76cacd258317810b0107004aa7101e0fca2

    • SHA512

      bd2348e1d82fe0fbe2674bbff32e4cad7cf574c7adfd56a94edad9cb61aff8c38bbc72232af4aea5bbc4205a286031a73cdcd386f152dca2d75dd1ad161829ba

    • SSDEEP

      12288:PG0AUBSdefuBqAMF0qBy5Q5SD31MrgEFa1+l1n2EO:PG0AFdeffHPy+SDwLy+lYt

    Score
    10/10
    lummastealer

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks