General

  • Target

    Photo_shop [PASSWORD - 2024] (2024).rar

  • Size

    15.5MB

  • Sample

    241030-zgr64s1cnp

  • MD5

    45379e2fa4f1d3c059bcb1eff72eaec8

  • SHA1

    b0735d767022cca9619f5d7e2df775fc12018c38

  • SHA256

    98ad81121de843a7fad0dd89bb4308445a5a383fa112da88e9a9db273aaf64c5

  • SHA512

    1fb5f0045c5e870ab33547bd5d6b120abfc1d66f917621d29abdd52810d7d24248d45319f3ab8d9cac7cadfad50c6566802aff2b3bfa3109c7fb806cb12fb496

  • SSDEEP

    393216:eVNee//zZj8syjS7yyNtkJSC8V2GIO1aupr8JM:4t/7ZYnhMtk46VqaAj

Malware Config

Extracted

Family

lumma

C2

https://goalyfeastz.site/api

https://contemteny.site/api

https://dilemmadu.site/api

https://authorisev.site/api

Targets

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma (also written LummaC) is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks