General

  • Target

    lumma0907.exe

  • Size

    508KB

  • Sample

    240711-pt3hhawfpr

  • MD5

    5dcb471423fbb62d7c218760aee4936d

  • SHA1

    7d72a2295639a8702ecdb77cc020b7a9eef48b04

  • SHA256

    837340da10b33b25bca1c15db3b273bfde18110b46949e8c545f31756e7b44bd

  • SHA512

    d8febe1cc91bbacd1b0298eb88d0d25f7789ee962f4d4717cb74ca1d1081ecab78a4062923b31386bcae141900ee99c182836e52bbb4b9f362cd8bdf687dc736

  • SSDEEP

    12288:NOnZ+QpQXdWqkWplgJ5u+uoXvS0e8OmCJD02paBDed2FPXB:NUZ+Q+NtgmQfK5Ndp4e4PX

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      lumma0907.exe

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
