Overview

overview

10

Static

static

10

4788-1-0x0...ry.exe

windows7-x64

1

4788-1-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4788-1-0x0000000000400000-0x000000000045A000-memory.dmp

  • Size

    360KB

  • MD5

    dff73279a5a80b3094031dc528c69e01

  • SHA1

    5e232d498e7aea6db99d3e57866e200ae94992e2

  • SHA256

    62b02908476f6bcf9b6d8fba90dcb1570f9997ad940258a094eb4962067b121b

  • SHA512

    edc2b6854dd211aa999e77fadb63b20bba49a2bf2a27d7c4b9fd4600a2f64d0d7560c8936ffec9d02a8f52fa6ff6d9dc59d5e49c8edd7124b7baab942289f61d

  • SSDEEP

    6144:NCsnEQr45Da+ugYRcQJguqQ2nCwZHhlCEEeyT4EfD+Av:N/EQKD/ugtuTgXHhlceykEfD+m

Score
10/10
stealerlumma

Malware Config

Extracted

Family

lumma

C2

https://groundsmooors.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://swellfrrgwwos.xyz/api

https://penetratedpoopp.xyz/api

https://ellaboratepwsz.xyz/api

https://towerxxuytwi.xyz/api

https://pedestriankodwu.xyz/api

Signatures

  • Lumma family
    lumma
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4788-1-0x0000000000400000-0x000000000045A000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections