lumma | 73395e4417546526b72ddf7fa53ab59f

General

Target

73395e4417546526b72ddf7fa53ab59f
Size

304KB
MD5

73395e4417546526b72ddf7fa53ab59f
SHA1

503a5fd86b3789048bc75431d9d578a60e298ff3
SHA256

1cb154e0c2cb3761a1fcb2b6d0edd20a01d44c303cd85946b3884d24bac8d19c
SHA512

8a34d7a69b6ddd200a5677fa3c98a02c2d96a51a955b5d146ce4c2adf96a4671327161c70b37ee1fa5e9417fff8959402772d3ac781e94dc11b26b5998932f09
SSDEEP

3072:CNumiCvg3BFzJ4CcdgRATfnk3UQwne2hBqiAwtmgeR+eH2UrWWxcvi6mRKRobWXP:uJCBFFo83UpbAIeRlH2lhCAxkllQ2

Score

10^/10

stealer lumma

Malware Config

Extracted

Family

lumma

C2

https://terminalprecedentyks.shop/api

https://publicitycharetew.shop/api

https://computerexcudesp.shop/api

https://leafcalfconflcitw.shop/api

https://injurypiggyoewirog.shop/api

https://bargainnygroandjwk.shop/api

https://disappointcredisotw.shop/api

https://doughtdrillyksow.shop/api

https://facilitycoursedw.shop/api

Signatures

Lumma family
lumma

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73395e4417546526b72ddf7fa53ab59f

Files

73395e4417546526b72ddf7fa53ab59f
.exe windows:6 windows x86 arch:x86

923789fc8ee65b281239385e977fe205

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetLogicalDrives
GetSystemDirectoryW
GlobalLock
GlobalUnlock

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantInit

user32

CloseClipboard
GetClipboardData
GetDC
GetSystemMetrics
GetWindowLongW
OpenClipboard
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
GetObjectW
SelectObject

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

923789fc8ee65b281239385e977fe205

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

user32

gdi32

Sections

.text Size: 237KB - Virtual size: 236KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 34KB - Virtual size: 71KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 237KB - Virtual size: 236KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 34KB - Virtual size: 71KB

.reloc
Size: 21KB - Virtual size: 20KB