Overview

overview

10

Static

static

10

3876-1-0x0...ry.exe

windows7-x64

1

3876-1-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3876-1-0x0000000000400000-0x000000000045A000-memory.dmp

  • Size

    360KB

  • MD5

    2be3d96bfcf05a9b3933062aa72a788a

  • SHA1

    83efbf344686855c2d810fdb99fec99879389a57

  • SHA256

    083866b9a6cd977903d7d56d07d26894a1b54f4ac59f4c8f51cc24746b9af405

  • SHA512

    e2975c93230f44f131ea317cfb28e2a2e5d6e6b43a55841cb270a38f5a0480abb9d5b4b3e717836726e15c50855e1e35ed00ea8a427cad9a1b579ef8eadeeea4

  • SSDEEP

    6144:AcZ32ZAZt1XctdlKtJkriax2LoR761wd5P3Zp:AKmZAZt1XylcW0u61w/PJ

Score
10/10
stealerlumma

Malware Config

Extracted

Family

lumma

C2

https://piedsiggnycliquieaw.shop/api

https://potterryisiw.shop/api

https://foodypannyjsud.shop/api

https://contintnetksows.shop/api

https://swellfrrgwwos.xyz/api

https://penetratedpoopp.xyz/api

https://ellaboratepwsz.xyz/api

https://towerxxuytwi.xyz/api

https://pedestriankodwu.xyz/api

Signatures

  • Lumma family
    lumma
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3876-1-0x0000000000400000-0x000000000045A000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections