Overview

overview

10

Static

static

1

AdminAFHDGDGIID.exe

windows7-x64

10

AdminAFHDGDGIID.exe

windows10-1703-x64

10

AdminAFHDGDGIID.exe

windows10-2004-x64

10

AdminAFHDGDGIID.exe

windows11-21h2-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AdminAFHDGDGIID.exe

  • Size

    277KB

  • Sample

    240822-xftmfasbqe

  • MD5

    370e6b39022da68d978ba7cc78719bfb

  • SHA1

    ba92d7255234cfe6960c0b67f2da06a443bb8139

  • SHA256

    12ef3849fa5d882106fc29adf92c5a89871cc59bb6283f9a742d8f9928aa57d7

  • SHA512

    54bc40b3b3de664f16d40ed1b896c5e618730377686bb346a281d7e404676348158241fa8cddbfe25b83042410ce8d235a1e9a12fc31eff41c699c0c70ee9941

  • SSDEEP

    6144:CoogZsAxGdSzjRPAnz4lPZ7mxmR+nlPA6XlCk4ZnlMHEO:xoxAxGcz5AncdZ7me+VylMHEO

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://interactiedovspm.shop/api

https://potentioallykeos.shop/api

Targets

    • Target

      AdminAFHDGDGIID.exe

    • Size

      277KB

    • MD5

      370e6b39022da68d978ba7cc78719bfb

    • SHA1

      ba92d7255234cfe6960c0b67f2da06a443bb8139

    • SHA256

      12ef3849fa5d882106fc29adf92c5a89871cc59bb6283f9a742d8f9928aa57d7

    • SHA512

      54bc40b3b3de664f16d40ed1b896c5e618730377686bb346a281d7e404676348158241fa8cddbfe25b83042410ce8d235a1e9a12fc31eff41c699c0c70ee9941

    • SSDEEP

      6144:CoogZsAxGdSzjRPAnz4lPZ7mxmR+nlPA6XlCk4ZnlMHEO:xoxAxGcz5AncdZ7me+VylMHEO

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks