General

  • Target

    NShаrk.zip

  • Size

    103.5MB

  • Sample

    241010-t82xqs1dmr

  • MD5

    5ed8758f546ecd41a7dbe294a5ae14e5

  • SHA1

    f8770a55c828efe15083c695ac6cfe2d7f10278b

  • SHA256

    e88e83193cc7752b3fff67082209bc9c2f40351fd5b24cda09fe170c5335619a

  • SHA512

    c03a6dcca6c0ca3b012ec277cdaa16353840145538642edc9edecf175fa6497b932941e3e5101391a3c5d865c6c67ea03583b462ae59761d9b44a979cb9861ee

  • SSDEEP

    3145728:fNazN7yQdY0ZohO/+IxfZlaOpWI36BCvyicYnEu:1oN7yQC0Zp2IJna4WYvxcLu

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      NShаrk.zip

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext
