General

  • Target

    x86_64-win64-ranlib.rar

  • Size

    101.6MB

  • Sample

    240828-ry56astflp

  • MD5

    360e220a0ad7d7771381380291d1fdca

  • SHA1

    8540aff3ff35c33a3537da15d7f59c87dbf367d6

  • SHA256

    14fa452afcc4ff5ee00c88e603f670af754af1f8d0f53ae7cbaaa4b8c44afe1d

  • SHA512

    0dc66bbcfdc3beb5f091c7f8fddf1148c89f98cd5ee177e1d7b4774ca224d6667e3fb8b14e0a198b3f6cfc8f27f1396cc4758db1852a25d0d72df17cb6ba8eee

  • SSDEEP

    3145728:UMqnPiVuViUkukCc63AwWkFb6xuMPPXhz:ULnS0dkuk7ukuePh

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://racklilekwqp.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

Targets

    • Target

      x86_64-win64-ranlib.rar

    • Size

      101.6MB

    • MD5

      360e220a0ad7d7771381380291d1fdca

    • SHA1

      8540aff3ff35c33a3537da15d7f59c87dbf367d6

    • SHA256

      14fa452afcc4ff5ee00c88e603f670af754af1f8d0f53ae7cbaaa4b8c44afe1d

    • SHA512

      0dc66bbcfdc3beb5f091c7f8fddf1148c89f98cd5ee177e1d7b4774ca224d6667e3fb8b14e0a198b3f6cfc8f27f1396cc4758db1852a25d0d72df17cb6ba8eee

    • SSDEEP

      3145728:UMqnPiVuViUkukCc63AwWkFb6xuMPPXhz:ULnS0dkuk7ukuePh

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks