General

  • Target: 14711560b5fc4da2af822a35fcc35ca0N.exe
  • Size: 4.4MB
  • Sample: 240731-3a1fpatdmd
  • MD5: 14711560b5fc4da2af822a35fcc35ca0
  • SHA1: a4cde042fd298d350c3b5919bf2b94b05b2c039b
  • SHA256: 42f2806e76e10a68e96a44753bc7317fe2118c40db3d52a29efb86fbecb4afef
  • SHA512: 5cf19420141462f79e4c5fcabad173ff47eb7f89c2f9c3be63ec2d9fe057b569bae4fed1ce2a6b0f3e5e3aa8461430ef05dc183d995e779575f7ee10fc819196
  • SSDEEP: 12288:0khMlQo8YmjJWD1faj/X5/9lQFMNcOre4g50The//ahUxo0+Kmo0lMl1sR4dkiLR:0xl8uajz4Mi00/aAVmt71YZ

Score: 10/10

Malware Config

Extracted
  • Family: lumma
  • C2

Targets

    Score: 10/10
    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks