Overview

overview

10

Static

static

3

FusionLoader v2.1.exe

windows7-x64

10

FusionLoader v2.1.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    FusionLoader v2.1.exe

  • Size

    280KB

  • Sample

    240824-z5kryasakr

  • MD5

    35bcd6bee29547bcb1d0d61ce199fcb9

  • SHA1

    60c7469cc552d39580cf8508b51fb56da9e09f88

  • SHA256

    3e1a4f453ae44cdf7c08b9b4d659b79a94bb16f0999e9f8588e7032005a55ff0

  • SHA512

    ed1db6199f0c0d7ceaa97202bb2d1a05b314f0c5cac5cd7092d8e8571e54e8ea18b1f0c8a46f72a599454287b38608383756ba915ec0d2fb3d0fb6d4b7279614

  • SSDEEP

    6144:2NiWUf+Wb0Kzwnc94wndt7VtAD136tT+6Q4MbT4ECtA0chn:2e0Kz99tnHDADAtT+h4EIA0chn

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://froytnewqowv.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

https://condedqpwqm.shop/api

https://millyscroqwp.shop/api

https://stagedchheiqwo.shop/api

https://stamppreewntnq.shop/api

https://caffegclasiqwp.shop/api

https://tenntysjuxmz.shop/api

Targets

    • Target

      FusionLoader v2.1.exe

    • Size

      280KB

    • MD5

      35bcd6bee29547bcb1d0d61ce199fcb9

    • SHA1

      60c7469cc552d39580cf8508b51fb56da9e09f88

    • SHA256

      3e1a4f453ae44cdf7c08b9b4d659b79a94bb16f0999e9f8588e7032005a55ff0

    • SHA512

      ed1db6199f0c0d7ceaa97202bb2d1a05b314f0c5cac5cd7092d8e8571e54e8ea18b1f0c8a46f72a599454287b38608383756ba915ec0d2fb3d0fb6d4b7279614

    • SSDEEP

      6144:2NiWUf+Wb0Kzwnc94wndt7VtAD136tT+6Q4MbT4ECtA0chn:2e0Kz99tnHDADAtT+h4EIA0chn

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks