General

  • Target: @!^Installer_PC_Setup_2024_Ṕ@ṨṨẄṏṛḋ_^.zip
  • Size: 11.1MB
  • Sample: 240727-rxgrbaxbjb
  • MD5: 6507687052da1c974fa7fe808201c3a1
  • SHA1: 494718d2f2522aff776699b71f1ead929e31545b
  • SHA256: 8f9937fca0c6af76aad748586bbbd36353d0450afacf69d81b62929704245fcf
  • SHA512: a40522ea66ea4ff4746c8c54fb9606fad1a9724022735414ed44d8898c73c4e11929f78425f5f4763b03e2e38b8f6ace70f1ab3a08eb7d692286b0febd920356
  • SSDEEP: 196608:uTBZdnXV23p51O0U5tkS+vBj5MPQXB8TZzKTTsXIUHAbY6pNL8KnsBDqplfPwEM9:uTBZdnXV23vUb7oZ5MPoB8V+lY6pR1+x

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
    • https://unseaffarignsk.shop/api
    • https://shepherdlyopzc.shop/api
    • https://upknittsoappz.shop/api
    • https://liernessfornicsa.shop/api
    • https://outpointsozp.shop/api
    • https://callosallsaospz.shop/api
    • https://lariatedzugspd.shop/api
    • https://indexterityszcoxp.shop/api

Targets

    • Target: @!^Installer_PC_Setup_2024_Ṕ@ṨṨẄṏṛḋ_^/Setup.exe
    • Size: 18.7MB
    • MD5: 2e7da3d18aac198a656059f14aaa5b5c
    • SHA1: ef69b52ba1069b1707bec9004e7507e712c3819a
    • SHA256: 11df25dc6197c0dfb7ad8fbd66e576385656a425a5a49abdf330dfcdc334a1d1
    • SHA512: 3a2da54c8312b1a65522c0b61fa3d621adcf9558c300755ec105f50ac698926564d8e56663e5590c0f1d1c83f1473199fa719bc30192e0aaf231d59a53fe93e2
    • SSDEEP: 98304:2zgZMcTwun5zAODlliJWkzduIl4Lp2uviBGd/ZUkRIEQsCaQp1Gabm:9Nn5zAcgWkzz4Lp2uvi0dxRhQVm

    Score: 10/10

    Signatures

    • Lumma Stealer, LummaC

      Lumma (also called LummaC) is an infostealer written in C++, first seen in August 2022.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks