General
-
Target
~!!SetUp_KEY_9696_PAas$c0De!%!!.zip
-
Size
3.1MB
-
Sample
240727-rxyd3atfjl
-
MD5
eade8ec3fb15be090a784517edac94cd
-
SHA1
8c30ab460a1e60efbaa94bc2123ba756678b6dd5
-
SHA256
910ec7d764e93e5ffd27e4b623c445e1ab2b66efdd962aebb7f6913a21f3e030
-
SHA512
92a9ecc566e84172fc38742c0f73f9b9f1b9cd63db1910da82e529f1c61bec357e76746fc01938b64fd8bcbd93cc49cb56c13a04520f4b373f1abe6f942a5e00
-
SSDEEP
49152:DWFfIQoUex85paSmkQmzfQ/x54yi53m+N/7Lv7dqmWgRhsfscmYR95FE4bYg85nY:DAfIQde0Zzxyi53NpgmWHfs1YRv8sHJ
Malware Config
Extracted
lumma
https://markerryshewi.shop/api
https://horizonvxjis.shop/api
https://effectivedoxzj.shop/api
https://parntorpkxzlp.shop/api
https://stimultaionsppzv.shop/api
https://grassytaisol.shop/api
https://broccoltisop.shop/api
https://shellfyyousdjz.shop/api
https://bravedreacisopm.shop/api
Extracted
lumma
https://markerryshewi.shop/api
https://horizonvxjis.shop/api
https://effectivedoxzj.shop/api
https://parntorpkxzlp.shop/api
https://stimultaionsppzv.shop/api
https://grassytaisol.shop/api
https://broccoltisop.shop/api
https://shellfyyousdjz.shop/api
https://bravedreacisopm.shop/api
Targets
-
-
Target
~!!SetUp_KEY_9696_PAas$c0De!%!!/Setup.exe
-
Size
163KB
-
MD5
0588ce0c39da3283e779c1d5b21d283b
-
SHA1
1f264a47972d63db2cde18dc8311bc46551380eb
-
SHA256
d5a6714ab95caa92ef1a712465a44c1827122b971bdb28ffa33221e07651d6f7
-
SHA512
a5f97ac156d081cb4d9b3f32948eea387725c88af0f19e8bc8db2058a19e211648b7fd86708ff5e1db8f7b57ca3ab8edeba771c9d684c53bcb228ca71adab02a
-
SSDEEP
3072:yK2FRsfrS8Ywp3GKJ7hDD/vRvDTX8QlevsqYau7j7/EecxurY:x1TSG/XT5Fau7pXk
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Suspicious use of SetThreadContext
-