Analysis
-
max time kernel
134s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
25/08/2024, 16:50
General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.15367.4661.exe
-
Size
267KB
-
MD5
382d136bfe49570e8fae2d0cb76f63bd
-
SHA1
3aff9180e0d7faf54465b6d6c3f819d8f6060eac
-
SHA256
9e3066c1726247c793db917867d08e4cf61d9eaa5ac057f8c9465e5e05614509
-
SHA512
26af7fb47cb69ddd821e348a1f9739725dfef59a908564e5c0ae4775aaeb36fcd06479c5828feb168883f7a39ef6636e9c7c33e9576b3537db7522947a5d52af
-
SSDEEP
6144:p+s5CbH1WLPUX0IULbRAHtkoz2jhO/yzntknp+:iVWLPUX6GHWFhiyDtB
Malware Config
Extracted
lumma
https://miracledzmnqwui.shop/api
https://locatedblsoqp.shop/api
https://traineiwnqo.shop/api
https://condedqpwqm.shop/api
https://millyscroqwp.shop/api
https://stagedchheiqwo.shop/api
https://stamppreewntnq.shop/api
https://caffegclasiqwp.shop/api
https://tenntysjuxmz.shop/api
Signatures
-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.PWSX-gen.15367.4661.exe"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.PWSX-gen.15367.4661.exe"1⤵
- System Location Discovery: System Language Discovery