Overview

overview

10

Static

static

1

win10

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x86_64-win64-ranlib.rar

  • Size

    101.6MB

  • Sample

    240828-ry56astflp

  • MD5

    360e220a0ad7d7771381380291d1fdca

  • SHA1

    8540aff3ff35c33a3537da15d7f59c87dbf367d6

  • SHA256

    14fa452afcc4ff5ee00c88e603f670af754af1f8d0f53ae7cbaaa4b8c44afe1d

  • SHA512

    0dc66bbcfdc3beb5f091c7f8fddf1148c89f98cd5ee177e1d7b4774ca224d6667e3fb8b14e0a198b3f6cfc8f27f1396cc4758db1852a25d0d72df17cb6ba8eee

  • SSDEEP

    3145728:UMqnPiVuViUkukCc63AwWkFb6xuMPPXhz:ULnS0dkuk7ukuePh

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://racklilekwqp.shop/api

https://locatedblsoqp.shop/api

https://traineiwnqo.shop/api

Targets

    • Target

      x86_64-win64-ranlib.rar

    • Size

      101.6MB

    • MD5

      360e220a0ad7d7771381380291d1fdca

    • SHA1

      8540aff3ff35c33a3537da15d7f59c87dbf367d6

    • SHA256

      14fa452afcc4ff5ee00c88e603f670af754af1f8d0f53ae7cbaaa4b8c44afe1d

    • SHA512

      0dc66bbcfdc3beb5f091c7f8fddf1148c89f98cd5ee177e1d7b4774ca224d6667e3fb8b14e0a198b3f6cfc8f27f1396cc4758db1852a25d0d72df17cb6ba8eee

    • SSDEEP

      3145728:UMqnPiVuViUkukCc63AwWkFb6xuMPPXhz:ULnS0dkuk7ukuePh

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks