General

  • Target: b4774f8d0d979bc0cc408ab7395851929a4e544fdd7867f26356d5e10275fbd4N.exe
  • Size: 287KB
  • Sample: 241118-sakecsyma1
  • MD5: 44d3ac4ec21d2d10682490b64f8a8ca0
  • SHA1: aad850503b0f4abad3fed579873cd6346d1f2148
  • SHA256: b4774f8d0d979bc0cc408ab7395851929a4e544fdd7867f26356d5e10275fbd4
  • SHA512: 2ec0263e6b94db65557da0a9559415493b6a77bf9c6a93919d56b116105c76e95e80102d60b322b2e449f0abecbd0f2bf2e02ddd71b2a8b0dbe58da2e39b2dac
  • SSDEEP: 6144:5Fs3nkwUA7USB6i5agrKMi3Bb6+NHJf8UuaakZWcbo4qjV+Vh9vieg:QEU9B6lVjb/NHpJdadco4qxWh9vie

Score
10/10

Malware Config

  • Extracted family: lumma
  • C2:
    https://moutheventushz.shop/api
    https://respectabosiz.shop/api
    https://bakedstusteeb.shop/api
    https://conceszustyb.shop/api
    https://nightybinybz.shop/api
    https://standartedby.shop/api
    https://mutterissuen.shop/api
    https://worddosofrm.shop/api
    https://berrylinyj.cyou

Targets

    • Target

      b4774f8d0d979bc0cc408ab7395851929a4e544fdd7867f26356d5e10275fbd4N.exe


    Score: 10/10

    • Lumma Stealer, LummaC: Lumma or LummaC is an infostealer written in C++, first seen in August 2022.
    • Lumma family
    • Loads dropped DLL
    • Suspicious use of SetThreadContext
