General
-
Target
LummaStealer.zip
-
Size
583KB
-
Sample
241118-vg2nbs1fml
-
MD5
7f5db0f9da3501190354273011c5e093
-
SHA1
29dd2b76533c13e7f381f91b6a33fe1023baff8f
-
SHA256
b3dbdf2eeee95dc6ec59fcbe3c0f35525d7c18fcd8ef8bb4396b0a6529ca1a1d
-
SHA512
78be4ebb22dec728662e4d2ef28b2e8439160abbc2cb389fe977e97e909a354fe8a2977be8f8a68f1122f0bf341fb27779e2d7765d7282ca3fc71943d7dd297d
-
SSDEEP
12288:e2Z3VSdbbi1pwYsB6Nk6162lshGOnCAJmfGHP0zZuj3:va3i1pt262U6FhzCq3Msj3
Malware Config
Extracted
lumma
https://tamedgeesy.sbs
https://relalingj.sbs
https://rottieud.sbs
https://brownieyuz.sbs
https://explainvees.sbs
https://ducksringjk.sbs
https://thinkyyokej.sbs
https://repostebhu.sbs
https://slippyhost.cfd
Targets
-
-
Target
2de8a18814cd66704edec08ae4b37e466c9986540da94cd61b2ca512d495b91a.exe
-
Size
687KB
-
MD5
373cd164bb01f77ad1e37df844010ee5
-
SHA1
15933d9bb181a5695cc2663f3e085aa7cccfdb31
-
SHA256
2de8a18814cd66704edec08ae4b37e466c9986540da94cd61b2ca512d495b91a
-
SHA512
05b0ba02db275f38af72bb87a72f9971df159e61f9bfe5e265edf269d20db9b5157f5313b4faa781498580a49c44a2a4b42e04a77720e3a7b7ce928c4a1583ef
-
SSDEEP
12288:cPdAs5gcA5HZc2YNh9ZZ6jVuTzghr/k6u6haiQGh33PJEQDCk+Y3CUI6WTx:MDecACNh9ZZ65u/ghLVPhatGphlCFY3y
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-