General

  • Target

    7c70ec9805c8c9295119cee8891f742ee36e4515e488731000363333e22c5b71.zip

  • Size

    5.9MB

  • Sample

    240930-bhmq1stfne

  • MD5

    7063bc9c7442929ed564ae1ef66bd571

  • SHA1

    382f3445a9ad588dab4280a4fe860b3c263aa48d

  • SHA256

    7c70ec9805c8c9295119cee8891f742ee36e4515e488731000363333e22c5b71

  • SHA512

    bd65469283dc4f17ccf8b4d02e67f972e586581108523b4ff7d459583b6f50ed8eb75649716279d0298c839eb73a1bb998a2bababc34d97d00576eafd8c85808

  • SSDEEP

    98304:nZbwPM6Qnl6HNqPndHynMI4vm/bnc7Ewfqn3AlEeN55XOxe0NTBwZNmDQNdQ83j:Zb0MeH0ndSqe/bnyEwfquN5RaekugQ7x

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Extracted

Family

lumma

C2

https://chaptermusu.store/api

Targets

    • Target

      Setup.exe

    • Size

      763.9MB

    • MD5

      d978777757cfedf965a7de91bbb11542

    • SHA1

      4d90233ce8b29b7eebc7f9daef0c7513707a4362

    • SHA256

      07eb1f46be05e9fd912dcc5e4e5a9c278a5856e6137fa00b2d0921840dd942fa

    • SHA512

      5773d7851c1b9d46c14bb4fb9e66e0dddbba14d5dd17a3578519e786f800a91d67aed6004aa11fd6ead004a7dc9d098ef3016befdee17c8b41d1a80ce548cb04

    • SSDEEP

      98304:WoS/15K8lH7dJAd6NBexaIQ/4qcutfLZpSw6Z9Y:WP4yn2904xN9Y

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15