General

  • Target

    YuQuLoaderV2.exe

  • Size

    529KB

  • Sample

    240914-jsx9hatdlp

  • MD5

    c4877fe54aabca2a36aa085a8649a402

  • SHA1

    6a198b5bdd42598d63c48724d00416ef697d3f98

  • SHA256

    940c056664ba85263b81dcba315312658e5a734fda76b459b0dab49439df1662

  • SHA512

    6e8dc3977b7af0f5fc1f9793bc53c489eee59a6d09039c6c90eb4565e9a72324808a49eecb3d0617ebd6952b107c3235ce1102b4e263a9137f9db6924ad7d91d

  • SSDEEP

    12288:beO9acLNkzcMQ4qyMPinNF/MJ7OmKfByuKtyDgir2aPboLbV1R:1ezcMj/tM0JErsk/aMLb/

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://extorteauhhwigw.shop/api

https://bouncedgowp.shop/api

https://bannngwko.shop/api

https://bargainnykwo.shop/api

https://affecthorsedpo.shop/api

https://radiationnopp.shop/api

https://answerrsdo.shop/api

https://publicitttyps.shop/api

https://benchillppwo.shop/api

Extracted

Family

lumma

C2

https://bannngwko.shop/api

Targets

    • Target

      YuQuLoaderV2.exe

    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15