General

  • Target: redirect
  • Size: 6KB
  • Sample: 240711-zwd8sswfkc
  • MD5: 91462c06cb3bed53da0f11bfb3866499
  • SHA1: a83d39a23e19ead03dcabcafc8eebb0573adc7b4
  • SHA256: 2a48076c0f5b3d7f036050ddf15ff806b064616cb488288dfdc6b78ecafa4703
  • SHA512: c4fa9e145a1431c93ec8f92c15b752c84fe8e9378cabbcfc7e6dab9eb634a18d2bb85e16ce3653a0f980e1dc31ebc6dddecb735081b3510b4d58f02951a05323
  • SSDEEP: 192:duHLxX7777/77QF70yrA0Lod4BYCIozObXwqM:dur5HYI0+CIozObX/M

Score
10/10

Malware Config

Extracted

Family: lumma

C2


Targets

    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
