Overview

overview

10

Static

static

10

4956-1-0x0...ry.exe

windows7-x64

1

4956-1-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4956-1-0x0000000000400000-0x0000000000465000-memory.dmp

  • Size

    404KB

  • MD5

    f538218a24aa5b8ef28e3c91d533d5fc

  • SHA1

    ae8e91867af4b969e070b6ad60c4dfded89f4172

  • SHA256

    7183552f390d46db144a37e5cf5bf2d907436c2f45f01966829d4d035b4b89f3

  • SHA512

    f3dcaa94047815f3534bd9da59fe8dd4db5c1a01e225050de91a51ae3b944c43497ed3f8ec293522956e55a9f529b5e0396a1be502c7418c08f509f1a2b3656b

  • SSDEEP

    6144:DaTR9KSbnYoVZxpq5YxTB+t3Z3mqcdlmof4Yk:DalXbhzxpq5YS/I/mo2

Score
10/10
stealerlumma

Malware Config

Extracted

Family

lumma

C2

https://reinforcenh.shop/api

https://stogeneratmns.shop/api

https://fragnantbui.shop/api

https://drawzhotdog.shop/api

https://vozmeatillu.shop/api

https://offensivedzvju.shop/api

https://ghostreedmnu.shop/api

https://gutterydhowi.shop/api

https://pianoswimen.shop/api

Signatures

  • Lumma family
    lumma
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4956-1-0x0000000000400000-0x0000000000465000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections