General

  • Target: FiveMModMenumain.zip
  • Size: 404KB
  • Sample: 240919-e8ttss1ekh
  • MD5: e7ade2ef3da690e5e41736c2d67c050f
  • SHA1: 7035cbc49908b64d1ec15215bde0b5cde65803fa
  • SHA256: eb8290851deeff8db4e415f7f9538d7071939193a26449e54e0c58c9d15411f5
  • SHA512: 36cbf754becca825afa56dc8f8d8d17362386c4bd7aa222b4dcd56de95e288588e049119a91ca5beacc090a1a26a26ab877c9946bfbc086c8eda24ee90d1bfe2
  • SSDEEP: 12288:PYCqb827Bbz4QlZ6GD+5lN7BCIJXaSQWP53:Q982p0Qz6SQjJoqZ

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
    • https://extorteauhhwigw.shop/api
    • https://potterryisiw.shop/api
    • https://foodypannyjsud.shop/api
    • https://contintnetksows.shop/api
    • https://swellfrrgwwos.xyz/api
    • https://penetratedpoopp.xyz/api
    • https://ellaboratepwsz.xyz/api
    • https://towerxxuytwi.xyz/api
    • https://pedestriankodwu.xyz/api

Extracted

  • Family: lumma
  • C2:
    • https://potterryisiw.shop/api

Targets

    • Target: FiveM-Mod-Menu-main/Loader.exe
    • Size: 554KB
    • MD5: 613df599866679f7f19d12ff86220db8
    • SHA1: 33a2f464888fd8aedd2c4cd8f79e9e43321d8465
    • SHA256: 65f8e0e219637833386b6cfe27bd2f8446a214f02149628c63dd0329501e17e6
    • SHA512: 4091dc9ce75e7ff9a1131aa200e30ca293a8619a616bce17a4f5fa6e79602848efd422be64be7af8aff3c99f75536d2ea45dbcf1d7afb0a7998a0526bf76ce13
    • SSDEEP: 12288:2Nqf82rBbd4Qlj68ZEpv/7B+WIOzys7AsMC6WReVDTKwWZwfwsBAlny7Jc23OBuB:2s82ZWQx6AKsWL

    Score: 10/10

    • Lumma Stealer, LummaC
      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks