General

  • Target: Main (1).zip
  • Size: 419KB
  • Sample: 240805-x79sqszcpd
  • MD5: 11e40cd744c1b342988a44c3632b360d
  • SHA1: 6377ebcf8b46eb0bef07321c4ebebb29f1b13565
  • SHA256: f00c12f1feff9ffc6822df557ddfdcef9202e9262169cd3073a64560159efcc6
  • SHA512: 59ad5d806273828c7e5aca95d3fe9181128c8f92e7da561f663718002a4067e5ce061b18a3993ef7931fcb0289d1361c9000cb4175d600f138de4d6ebda05392
  • SSDEEP: 12288:rG8rCT0IdWZPZkA2KPEJ/HgGeC8qWZw0sUXxAyEy:rGTz4ZP6KcJd3Q4UBATy

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
    https://kaminiasbbefow.shop/api
    https://horizonvxjis.shop/api
    https://effectivedoxzj.shop/api
    https://parntorpkxzlp.shop/api
    https://stimultaionsppzv.shop/api
    https://grassytaisol.shop/api
    https://broccoltisop.shop/api
    https://shellfyyousdjz.shop/api
    https://bravedreacisopm.shop/api

Extracted

  • Family: lumma
  • C2:
    https://horizonvxjis.shop/api

Targets

    • Target: Main (1).zip
    • Size: 419KB
    • MD5: 11e40cd744c1b342988a44c3632b360d
    • SHA1: 6377ebcf8b46eb0bef07321c4ebebb29f1b13565
    • SHA256: f00c12f1feff9ffc6822df557ddfdcef9202e9262169cd3073a64560159efcc6
    • SHA512: 59ad5d806273828c7e5aca95d3fe9181128c8f92e7da561f663718002a4067e5ce061b18a3993ef7931fcb0289d1361c9000cb4175d600f138de4d6ebda05392
    • SSDEEP: 12288:rG8rCT0IdWZPZkA2KPEJ/HgGeC8qWZw0sUXxAyEy:rGTz4ZP6KcJd3Q4UBATy

    Score: 10/10

    Signatures:
    • Lumma Stealer, LummaC
      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
    • Executes dropped EXE
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks