General

  • Target: file.exe
  • Size: 800KB
  • Sample: 241111-16r33sxhpl
  • MD5: fdd32b4750927fc31f02c4848a29d7ea
  • SHA1: f504d7d67a71cb7c0d4a433c7057379f7d4b63f8
  • SHA256: 06cf5929af0c5a41532501d87a5fbc479d6b6b806672dbab88dc83c359e999fc
  • SHA512: b3d7ac3b3c67bdaddfb54186a429e2ad8a57f12ed878750714f0c67f272ce944a71e71aaaf24bd2459c4e943106c60d4231637730457873a9204237408451fa9
  • SSDEEP: 12288:kyExD6cY/ECVxpQQVmoDEvQZueshdz8moDEvQZueshdzLlr7v:1sedEwwQE0Q50QRr7v

Score
10/10

Malware Config

Extracted

  • Family: lumma
  • C2:
    https://thicktoys.sbs/api
    https://3xc1aimbl0w.sbs/api
    https://300snails.sbs/api
    https://faintbl0w.sbs/api

Targets

  • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  • Lumma family
  • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
