General

  • Target

    6fd132f196d23238176448889066b01c0c39c8e050f66a85583d0e96bc069927

  • Size

    2.0MB

  • Sample

    240708-fpsytswala

  • MD5

    33af5eff0ac594951d2d07c8d0a9ee97

  • SHA1

    cd32d6c6ac388779fb91afe1354f6d3a1b49058f

  • SHA256

    6fd132f196d23238176448889066b01c0c39c8e050f66a85583d0e96bc069927

  • SHA512

    6c1f47c57cef87322a5bb495524a61b1cbb3d16a347148c1438bcd4a981eaac59933daacd22e1d6fd6d33aed9fa325277103b41254586a2dbcc0cd85727ccff2

  • SSDEEP

    49152:idAxCScmxlAT8o9/+kTMDNfKNi/S854fr80T:idTrAox+kmNf7/SBw0T

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://goodymuxzjch.shop/api

Targets

    • Target

      6fd132f196d23238176448889066b01c0c39c8e050f66a85583d0e96bc069927

    Score
    10/10

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks