General

  • Target

    7a1e32507bd0b9ac461c6323aa5208c4174e5333c41440d3b6b1fb03f3261caa

  • Size

    521KB

  • Sample

    240703-3pb2mstfpf

  • MD5

    0578c4d0a69456e0605c16a0d074f98d

  • SHA1

    3e7862af0c1c732c721ee41c48f22baef6f8e596

  • SHA256

    7a1e32507bd0b9ac461c6323aa5208c4174e5333c41440d3b6b1fb03f3261caa

  • SHA512

    68dfae4d325ddd2cda54b45730613bf5e09fb7f2e563c5ad5bcb893408ec243fa5f17164eb8ac5c7769168bc7a6862c60babb494d9bfa8c6faaf5faf0af2ae34

  • SSDEEP

    12288:Ddl6y6MByhr+BaH5rhZOqESC6Dq229iNexr9HS0EO:hgCykYbkLn22sept

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Target

      7a1e32507bd0b9ac461c6323aa5208c4174e5333c41440d3b6b1fb03f3261caa


    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks