General

  • Target

    Setup.exe

  • Size

    517KB

  • Sample

    240711-16pb7awglj

  • MD5

    f45173dab3b06291aa20d1f56ab29cb2

  • SHA1

    976e197742d43f91deff3eb23bb2ee80b8519fda

  • SHA256

    49069089e1a28ea31a67787178a6cc12d894c2dfa1e89cbdd0d0813cf18a81f2

  • SHA512

    f96ed5a4f1d81a03b2683d891afa10e57aecf3a4c074fc83a9ed52e5639bd45097ba50b850ba66884c6f6286b08db31c19b25550fad93798400c1e71cb749e05

  • SSDEEP

    12288:fGJtSp5NxGnlMSMjoJvrA9F9KSvlr8YzR:fAtSpDEi5jo9e5

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks