General

  • Target

    5829ebe4aa9aea165859b06a12169757.bin

  • Size

    423KB

  • Sample

    240801-ce738azhkc

  • MD5

    ba398d7dbb97d9dfb4d4d3359c5a6cf5

  • SHA1

    4771f9be04a4662f39ccf4d187cdcf106f0ca239

  • SHA256

    2e5f4ec9723ad681b3c759347f1a2d6a92135371d6765cca7f461126f3c0041b

  • SHA512

    2441e94edd15e15d2cf5e76d55c4dd65102041d0a6dba6cd4bf3a75b6a3eea85e76956c43132fc77cbd1e10bdd58db28a9880802cc87bca33b96f3128f5ee55e

  • SSDEEP

    12288:mR5TlLruO1f5wD6yk/heFbaIsfqb2i3EPifBv6YqJ0n1EL6x6xIW:snLrYD6FKOZf60W6ZiEvGW

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Extracted

Family

lumma

C2

https://horizonvxjis.shop/api

Targets

    • Target

      1ba314f9f62a04b54875b892eefc3bf40a264a2c1024806b1188ef36187eebb7.exe

    • Size

      526KB

    • MD5

      5829ebe4aa9aea165859b06a12169757

    • SHA1

      f37cb7aa48eccd51e7a8ba94df5838bcf46e031f

    • SHA256

      1ba314f9f62a04b54875b892eefc3bf40a264a2c1024806b1188ef36187eebb7

    • SHA512

      71fb949a2c6d36cbfcef11610d2b12ae40b766a66c811cf065c9e52a59100935d39d12e669e4eb8e6d5416a22d3529821bba875272f2fa92cdba294323254e58

    • SSDEEP

      12288:zDCs5KUdmGDjtK87UEIKgzlt9NpWr5LPiXBuC11S4etrMGns:zDjsUjNUdKgz1NpWVLPmuGk4etr4

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++ that was first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks