General

  • Target: c4f69034c48e5473fc779c8d6f9cc012dbf0e49ecd1feee16855ce57ab8549bf
  • Size: 477KB
  • Sample: 240801-jj3gvszbkm
  • MD5: c82c38e08f1ab5909dbbf09042457671
  • SHA1: e6df1b97d0ee3e1f6d5a950f6b951d54d6fb9ed5
  • SHA256: c4f69034c48e5473fc779c8d6f9cc012dbf0e49ecd1feee16855ce57ab8549bf
  • SHA512: bd4a7f2da59a32d3612814341fff70fd867380097e54f2a40665a94ffbcb6223337d9da9641decf70afc7a8c7a836607e2a359c61ae4901a29b0c109ba720ba4
  • SSDEEP: 12288:ThvjhATVxK+/9CX7xkAxEq67DFb1+hY1dXJsRFx:w/9sqmd63Fb1+0dEFx

Score: 10/10

Malware Config

Extracted

Family: lumma

C2


Extracted

Family: lumma

C2

https://demandlinzei.shop/api

https://applyzxcksdia.shop/api

Targets

    • Target: 211ed934cf6f4805bf4c43aff343e803d2b46833ab2928eff7efdd9b8a638a5a.exe
    • Size: 1.4MB
    • MD5: e7018b79e5ad7c9aec2d6f0377d97771
    • SHA1: 0985dad2e2117921cf5b85e0411e5697d4789813
    • SHA256: 211ed934cf6f4805bf4c43aff343e803d2b46833ab2928eff7efdd9b8a638a5a
    • SHA512: 63a099d94c7c25ee41e27ed3336ea89bfc2d1137c027e41fd13396a0bb39bb8c3cf286791a65a5770b5e709d680bac366c8dd8e6ecb21d72f7cc4db08f99e6eb
    • SSDEEP: 24576:LkTajRrasCch7Q0Yaw+zzkinDUcKTipi:0O9BUY

    Score: 10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks