General

  • Target

    qeUaxJCA3FO.exe

  • Size

    13.5MB

  • Sample

    240712-cc7pnswfjg

  • MD5

    9b853aa96fd2cb2560b3fd028b3c72e6

  • SHA1

    937e33e7286dcfdef65aa78ae9135d016ce4b666

  • SHA256

    2f425629870710441e44270ff93353a0b60cb32a0ccb9d3de9e0f186639280f2

  • SHA512

    7df46e11c469e62c692e4ae5b983bc754eb6cb560c7c76d59aa7d15060e56e5e8b8e757304d95b35ae93155fadfd2076ffa93aa1e098be0dc2bd982c07ce62a5

  • SSDEEP

    98304:eLxO5Pzqk4Hl3WXRVcNrJM8LD8JkV+7nnsSp2EqaSdlESX5aR2JmAq4u:sxI0WRVcU8ka+7nEEyAS

  • Score

    10/10

Malware Config

Extracted

Family

lumma

C2

https://citizencenturygoodwk.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

https://reinforcedirectorywd.shop/api

Targets

    • Lumma Stealer

      An infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15