General

  • Target: arcaneloader.exe
  • Size: 552KB
  • Sample: 240710-ny3tdswcnn
  • MD5: 5c35083901fb52ec589396d062687587
  • SHA1: c4ad37e004dac1083a81ed85219660dd3a565b6b
  • SHA256: 06d83170369004849cf4a043378f672131c0c683a353e7ceac02e9ad1d9f05da
  • SHA512: b9444a1602d2a0855dc70de768888579a491fd8a2fd27382d15a16d670db8e3e88a1d4139f15f7512d93e7d60c690b5251c61ac05685928f9954d8c88596de25
  • SSDEEP: 12288:DEjDsQBKHthpIUaGoI1iKYw5FYiNBJqH+Wm4lr5rYywB:DcDsQ2vNriKYUYir4+EFFg

Score
10/10

Malware Config

Extracted

Family: lumma

C2

Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
