General

  • Target

    85af6668a1f480a55b7079f138495a976052220240900ef04a2b21a77f8e6a19.exe

  • Size

    20.6MB

  • Sample

    240818-br4e5axerb

  • MD5

    417d0c5b54c40329182ced6cab4e29f3

  • SHA1

    f982020fa1c362b024383d82965ad24c54ce5672

  • SHA256

    85af6668a1f480a55b7079f138495a976052220240900ef04a2b21a77f8e6a19

  • SHA512

    16e53ba989a53d8ed1f5525d6f74a318090e0f8563594db34e32a3d494c22c1cf9bfda59120b8e9050f829bb7964ca73abe2c5740910e8c934617fdb0d30d303

  • SSDEEP

    196608:0Q+17X/kkaC1TZ//Jl84bPFvyAYdDWtnl:0Q+1/kkdTZ/xq4b0PdDWP

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks