General

  • Target

    yjsefyjs.exe

  • Size

    1.2MB

  • Sample

    240913-3cf5tsvgnd

  • MD5

    acebc69ae67997867002990dae3f699d

  • SHA1

    8483b45b2faaa21ad548e72fb49ae3a08143334e

  • SHA256

    f545fbcf52e694eaed07f7869ee67d1dffea29a3769e2482f5eccb3c21148442

  • SHA512

    6c9f88407ffbf228f44270c28d0eeba804a8f3198454becebdd5f2d13eda5c1f0407f1e98569bbcd490225a10ba6e1917c1af1971bd1f636a71250b602dcbf28

  • SSDEEP

    24576:dIvbVU1Rp8UjXHCfvHIxoudG1omibJsZF/vuqTkiwdIhjQ2tZpqxEO+r:uanqfwldEomum5v3AIR5/0Eh

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks