General

  • Target

    Setup.exe

  • Size

    99.3MB

  • Sample

    240711-znlmxawcpa

  • MD5

    73b6242fd0c0e5774dfdfe8b722af480

  • SHA1

    0315dfc1756c7ad853fac17699f9cdb25a88cd8c

  • SHA256

    e472c4aa345cb5c11890edd4dcef8192c7447a92374559e7c55a269689de6b86

  • SHA512

    5f88bc3c652999af7c410c603ae115242183c9c9d2aba865b2b7131b7ac4b236ce2f576762630a22c4b9bbc15cc1f8f02bc099f7922ac5a574db1b89aec95a5a

  • SSDEEP

    98304:k7kpXKxfuQ07TZkDZm9qNGMdhz1Z7dkbr5s8HVES0HBS4YEYQYBmDdsF3e4qaMS5:kfmxkDZhNGY1Z7dK110hSAYQMesF37H

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://replacedoxcjzp.shop/api

https://applyzxcksdia.shop/api

https://declaredczxi.shop/api

https://catchddkxozvp.shop/api

https://arriveoxpzxo.shop/api

https://contemplateodszsv.shop/api

https://bindceasdiwozx.shop/api

https://conformfucdioz.shop/api

https://reinforcedirectorywd.shop/api
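The nine C2 URLs above are the part of this report a detection engineer turns into a watchlist. The script below is an added example, not part of the sandbox report or of the Lumma sample: it reduces the listed URLs to hostnames, matches them (apex or subdomain) against constructed proxy/DNS log lines in an assumed `<timestamp> <client> <kind> <target>` format, and checks a file's SHA256 against the value reported for Setup.exe. The log lines are made up for illustration and did not come from the sandbox run.

```python
import hashlib
import hmac
import re
from urllib.parse import urlsplit

# C2 URLs exactly as extracted in the Malware Config section of this report.
LUMMA_C2_URLS = [
    "https://replacedoxcjzp.shop/api",
    "https://applyzxcksdia.shop/api",
    "https://declaredczxi.shop/api",
    "https://catchddkxozvp.shop/api",
    "https://arriveoxpzxo.shop/api",
    "https://contemplateodszsv.shop/api",
    "https://bindceasdiwozx.shop/api",
    "https://conformfucdioz.shop/api",
    "https://reinforcedirectorywd.shop/api",
]

# SHA256 of Setup.exe as listed in the General section of this report.
SAMPLE_SHA256 = "e472c4aa345cb5c11890edd4dcef8192c7447a92374559e7c55a269689de6b86"


def c2_hosts(urls):
    """Reduce the C2 URL list to a set of lowercase hostnames."""
    return {urlsplit(u).hostname.lower() for u in urls}


C2_HOSTS = c2_hosts(LUMMA_C2_URLS)


def matching_indicator(host):
    """Return the C2 host that `host` equals or sits beneath, else None.
    The extracted list names apex domains; a resolver or proxy may see
    hosts under them, so subdomains count as hits (a design choice)."""
    host = host.lower().rstrip(".")
    for c2 in C2_HOSTS:
        if host == c2 or host.endswith("." + c2):
            return c2
    return None


# Assumed (constructed) log format: "<timestamp> <client> <kind> <target>",
# where kind is DNS (target is the queried name) or an HTTP method (target is a URL).
LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def observed_host(kind, target):
    """Pull the hostname out of a DNS query name or a proxied URL."""
    if kind.upper() == "DNS":
        return target
    return urlsplit(target).hostname or ""


def scan_log(lines):
    """Return one hit record per log line whose host matches a reported C2 domain."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # lines that do not fit the assumed format are skipped
        ts, client, kind, target = m.groups()
        host = observed_host(kind, target)
        c2 = matching_indicator(host) if host else None
        if c2:
            hits.append({"ts": ts, "client": client, "kind": kind,
                         "host": host.lower().rstrip("."), "indicator": c2})
    return hits


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def is_reported_sample(data):
    """True when `data` hashes to the SHA256 reported for Setup.exe (constant-time compare)."""
    return hmac.compare_digest(sha256_hex(data), SAMPLE_SHA256)


# Constructed sample log lines (not from the sandbox run).
SAMPLE_LOG = [
    "2024-07-11T10:02:13Z 10.0.0.23 DNS replacedoxcjzp.shop.",
    "2024-07-11T10:02:14Z 10.0.0.23 POST https://replacedoxcjzp.shop/api",
    "2024-07-11T10:02:15Z 10.0.0.23 GET https://example.com/",
    "2024-07-11T10:02:16Z 10.0.0.44 DNS catchddkxozvp.shop",
    "2024-07-11T10:02:17Z 10.0.0.44 POST https://cdn.reinforcedirectorywd.shop/api",
    "malformed line",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['client']} {hit['kind']:4} {hit['host']} -> {hit['indicator']}")
```

Lumma builds typically walk their configured domains in turn until one answers, so a single hit on any entry of the list is actionable; matching on the hostname rather than the full `/api` URL also catches the DNS lookup that precedes the HTTPS request, which is often the only thing visible when the traffic itself is encrypted.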

Targets

    • Target

      Setup.exe


    Score
    10/10
    • Lumma Stealer

      Lumma (also tracked as LummaC2) is an infostealer written in C++, first seen in August 2022 and sold as malware-as-a-service. The nine .shop `/api` URLs in the extracted config above are its C2 fallback list.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a (usually suspended) thread. Outside debuggers it is rarely legitimate, and it is the final step of process hollowing: a child process is started suspended, its image is replaced with the payload, and the thread's instruction pointer is pointed into the injected code before ResumeThread.
