General

  • Target: 0bb7247d18d698bcf824267074072ae0N.exe
  • Size: 479KB
  • Sample: 240731-14ae9a1brb
  • MD5: 0bb7247d18d698bcf824267074072ae0
  • SHA1: 872960042067a7a299a839d3f411057abbc812e8
  • SHA256: 5c8e47a8a548dc3e765ce0bf75eb05d4033d612138f0265f5423dd18024f5714
  • SHA512: 073b9193823c9371d10d5ea601d4127b75d64f6683975924611f4eb81a79e526ee6a1418d129dbb4fba430768c553764e21b368c12456838a1d41ffacbd420ec
  • SSDEEP: 12288:E04n2KF2wSNhpZs486MsE4V43WrtbZFMHTy9M:22KkwSNhpZl86MsE4aIPMzm

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:


Extracted

  • Family: lumma
  • C2:
    https://violanntyisopz.shop/api
    https://horizonvxjis.shop/api

Targets

    • Target: 0bb7247d18d698bcf824267074072ae0N.exe

    Score: 10/10

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext