General

  • Target

    SecuriteInfo.com.Trojan.Inject5.7084.532.1135.exe

  • Size

    4.1MB

  • Sample

    240814-rbrdma1bnk

  • MD5

    d927db8e421b13650fcb816f49ac6a70

  • SHA1

    53b6b910ab6e26624091f5cf00824d4a7341649c

  • SHA256

    b766bb677fc030ce8adc5dab07a05f3ee917618ea234aac6d29a94876d1a64f3

  • SHA512

    140cb2431b052a8946ebbb3f5afc8b38e25f9a30447e63a209718f0e3462bf8161dd52236b8268e26bbf9bee1e6ba63eddd983eb29116e755a7d86bf8f0b78ed

  • SSDEEP

    98304:LDbZpbp1Ox3ewstLu9DAszMvlqs8I2OO9PWkL4xC+8spwhPkCaf:L/r1AxOwstLu9DAsY9q5JT9ekL48+Riw

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
