General

  • Target

    ae83d705f53bbe97ca150294fc3315ec4bbc3bce982c6a9d1f7a69ce4e5cbd2eN

  • Size

    1.6MB

  • Sample

    241030-3qrtgstgqr

  • MD5

    b1f165074def5a38901e52ccc7ebd800

  • SHA1

    00f9d1fd6faccef1d57304876be3e70e98c71bbe

  • SHA256

    ae83d705f53bbe97ca150294fc3315ec4bbc3bce982c6a9d1f7a69ce4e5cbd2e

  • SHA512

    8454f69c3c9eac9330ddfabbd2b18cb46e130de297aa65ea6894bf16eaa0a8b66cfd2a515e466e61cbdd62207567199ff259b0b153d547850547f9521fe2a418

  • SSDEEP

    24576:hB4ScdbnWLR94PqG5kCcvUY6rZ49Q53aGGO+W:hBxLIY6rZ49QkXO+

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://goalyfeastz.site/api

https://contemteny.site/api

https://dilemmadu.site/api

https://authorisev.site/api

Targets

    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks