General

  • Target

    Setup.exe

  • Size

    16.0MB

  • Sample

    240731-238r4aybjq

  • MD5

    b7b651076f38aa7ca9c0b216458accdb

  • SHA1

    d66373137e369e6d5ff171fc1e34d1930e68d427

  • SHA256

    987ef19c64b52b629ada18847d16f2701ad68bec489da468caba969d8deeb04b

  • SHA512

    925a92e591b53b1f8676a9d3c601470f7f3e6469e35965d6832064c573b9e89a945321474ad201746b9c645776a8fb78bc03a4b62e4326cd92f5936ee76e1ae8

  • SSDEEP

    98304:aYnNy1ltBmrtoBJladrs38ULHXuPSzEhdL83BJ514V9pELFzN:+BuoBJYdrsfHXuPSghJiJepEL

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://horizonvxjis.shop/api

https://effectivedoxzj.shop/api

https://parntorpkxzlp.shop/api

https://stimultaionsppzv.shop/api

https://grassytaisol.shop/api

https://broccoltisop.shop/api

https://shellfyyousdjz.shop/api

https://bravedreacisopm.shop/api

Extracted

Family

lumma

C2

https://horizonvxjis.shop/api
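The two "Extracted" blocks above give the full Lumma C2 list (the second extraction repeats the first host). Turning that list into something an analyst can act on means de-duplicating the hosts, matching them against DNS and proxy logs, and emitting network rules. The block below is an added example, not part of the sandbox report or any vendor tooling; the log lines are constructed for illustration and the Suricata SID range is an assumption.

```python
import re
from urllib.parse import urlsplit

# C2 URLs exactly as listed in the two "Extracted" Lumma configs on this page
# (the second extraction only repeats horizonvxjis.shop, so it adds nothing new).
LUMMA_C2 = [
    "https://horizonvxjis.shop/api",
    "https://effectivedoxzj.shop/api",
    "https://parntorpkxzlp.shop/api",
    "https://stimultaionsppzv.shop/api",
    "https://grassytaisol.shop/api",
    "https://broccoltisop.shop/api",
    "https://shellfyyousdjz.shop/api",
    "https://bravedreacisopm.shop/api",
    "https://horizonvxjis.shop/api",   # duplicate from the second extraction
]


def c2_hosts(urls):
    """Return the unique hostnames of the C2 URLs, in first-seen order."""
    hosts = []
    for url in urls:
        host = urlsplit(url).hostname
        if host and host not in hosts:
            hosts.append(host)
    return hosts


def match_host(line, hosts):
    """Return the first C2 host referenced in a log line, or None.

    Matching is done on whole DNS labels: 'cdn.horizonvxjis.shop' (a subdomain)
    is a hit, 'nothorizonvxjis.shop' and 'horizonvxjis.shop.example' are not.
    """
    lower = line.lower()
    for host in hosts:
        pattern = r"(?<![a-z0-9-])" + re.escape(host) + r"(?!\.?[a-z0-9-])"
        if re.search(pattern, lower):
            return host
    return None


def scan_logs(lines, hosts):
    """Return (line_index, host) for every log line that references a C2 host."""
    hits = []
    for idx, line in enumerate(lines):
        host = match_host(line, hosts)
        if host is not None:
            hits.append((idx, host))
    return hits


def suricata_rules(hosts, base_sid=9000001):
    """Emit one DNS-query alert per host. The SID base is an assumed local range."""
    rules = []
    for offset, host in enumerate(hosts):
        rules.append(
            f'alert dns $HOME_NET any -> any any (msg:"Lumma C2 DNS query {host}"; '
            f'dns.query; content:"{host}"; nocase; '
            f'classtype:trojan-activity; sid:{base_sid + offset}; rev:1;)'
        )
    return rules


# Constructed sample log lines (not from the report): two true hits, one clean
# lookup, and one look-alike domain that must not match.
SAMPLE_LOGS = [
    "2024-07-31 12:00:01 dns query A cdn.horizonvxjis.shop from 10.0.0.5",
    "2024-07-31 12:00:02 GET https://effectivedoxzj.shop/api from 10.0.0.5",
    "2024-07-31 12:00:03 dns query A www.example.com from 10.0.0.7",
    "2024-07-31 12:00:04 dns query A nothorizonvxjis.shop from 10.0.0.9",
]

if __name__ == "__main__":
    hosts = c2_hosts(LUMMA_C2)
    for idx, host in scan_logs(SAMPLE_LOGS, hosts):
        print(f"hit: line {idx} -> {host}")
    print("\n".join(suricata_rules(hosts)))
```

The label-boundary regex is the part worth keeping: naive substring matching on an IOC list produces false positives on look-alike registrations and misses subdomains that the stealer's operators can rotate under the same apex.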

Targets

    • Target

      Setup.exe

    • Size

      16.0MB

    • MD5

      b7b651076f38aa7ca9c0b216458accdb

    • SHA1

      d66373137e369e6d5ff171fc1e34d1930e68d427

    • SHA256

      987ef19c64b52b629ada18847d16f2701ad68bec489da468caba969d8deeb04b

    • SHA512

      925a92e591b53b1f8676a9d3c601470f7f3e6469e35965d6832064c573b9e89a945321474ad201746b9c645776a8fb78bc03a4b62e4326cd92f5936ee76e1ae8

    • SSDEEP

      98304:aYnNy1ltBmrtoBJladrs38ULHXuPSzEhdL83BJ514V9pELFzN:+BuoBJYdrsfHXuPSghJiJepEL

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another thread; outside a debugger this is the step process hollowing and thread hijacking use to redirect a suspended thread into injected code, and it has no normal purpose in a setup program.

MITRE ATT&CK Enterprise v15

Tasks