General

  • Target: Setup.exe
  • Size: 8.0MB
  • Sample: 240801-fl1jhatakm
  • MD5: f88602927fbdea9d9fa84f2415676a3c
  • SHA1: 46875a4e1557f77fb5b577351880d1260e65ec10
  • SHA256: 90d868da9eecdeee40b4b7fab47c163c91c0e47cba8c7cb98fea53ac00f9f65d
  • SHA512: 86a4fc8515efe87704a1835682a73a878ea130f8219280141f9972c2d0ddec62b3227dd00085455cfa61b03abe255325f3fb6c2bb246fa3a5b74a635f811f7cc
  • SSDEEP: 98304:wfoJwtNowE8qMXWqjPJsSOVsRpzDdmOISM5XR4Ug/betbPlD1V:wfrtNY8BWqrOCEXR4Ug6tjZ

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2


Extracted

  • Family: lumma
  • C2


Targets

    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
