General

  • Target

    d0e840c53367724fd7cb98c2b925363b2f7c942e4d9bfe23ffbc98e216892443

  • Size

    441KB

  • Sample

    240710-ftn6faybnp

  • MD5

    6e5dd48f6329b480f12d90eb6f41aaa6

  • SHA1

    510d9f4b9ca94b45e9da6a21593c8d97584a3fb8

  • SHA256

    d0e840c53367724fd7cb98c2b925363b2f7c942e4d9bfe23ffbc98e216892443

  • SHA512

    b7d5c2fc7eaed85cec6add69ac82e86a4623a4ac24391bb7b38c5e1be2f9ccf21bc9f834532c571baebb4ce99440b89888c30a6e507f6fad508a24ded1a0e160

  • SSDEEP

    12288:wvi+p8BpVLij6DFva6JhZFlEwJ5PPR8CaypK4lbtEWNO:Z1RaMlNVPRfJpK4lbtEWNO

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks