General

  • Target

    06abfbd278feaa3bb47fd0efb97956ea737d691f66595a56e9d80fa92f3cad45

  • Size

    599KB

  • Sample

    241119-xzy19szhpf

  • MD5

    357c4ff0144052f2ab0b3eca8055cc31

  • SHA1

    92ff338ee607699ebfb6c84ae0cf336bb8324410

  • SHA256

    06abfbd278feaa3bb47fd0efb97956ea737d691f66595a56e9d80fa92f3cad45

  • SHA512

    e4846033c664c54bc2a4fc7641625959ff6bdd9b19b6ad111231d7bc50e25f835bb5acc11af3e4d6a13348cd63016efffea5a89167bc6ccc2525f38545765973

  • SSDEEP

    12288:Cz+4JyGMalyMNk8thPB2EbEPA99drekfl/EUGygoOV+uyJdkIKqL1hMM5:CFJy0Tk6B2EbEo9/XflyXonu0KqL1hF

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://offybirhtdi.sbs

https://activedomest.sbs

https://arenbootk.sbs

https://mediavelk.sbs

https://definitib.sbs

https://elaboretib.sbs

https://strikebripm.sbs

https://ostracizez.sbs

https://withdrwblon.cyou
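The nine C2 URLs and the file hashes above are the only indicators this report extracts, so the practical follow-up is a retrospective hunt over DNS and proxy logs plus a hash check of any suspect file. The script below is an added example, not part of the Triage report or of any Lumma tooling; the log line formats and the hostnames `ws01.corp.example` / `ws02.corp.example` are constructed for the example. It normalises the C2 URLs to hostnames, matches exact hosts and any subdomain of them, and compares a file's SHA256 against the sample's. Lumma operators rotate C2 domains frequently, so treat this as a check for this specific sample and its configured infrastructure rather than durable detection.

```python
import hashlib
import re
from urllib.parse import urlparse

# C2 URLs exactly as extracted from the sample's configuration in the report.
LUMMA_C2_URLS = [
    "https://offybirhtdi.sbs",
    "https://activedomest.sbs",
    "https://arenbootk.sbs",
    "https://mediavelk.sbs",
    "https://definitib.sbs",
    "https://elaboretib.sbs",
    "https://strikebripm.sbs",
    "https://ostracizez.sbs",
    "https://withdrwblon.cyou",
]

# File hashes from the report's General section.
SAMPLE_MD5 = "357c4ff0144052f2ab0b3eca8055cc31"
SAMPLE_SHA1 = "92ff338ee607699ebfb6c84ae0cf336bb8324410"
SAMPLE_SHA256 = "06abfbd278feaa3bb47fd0efb97956ea737d691f66595a56e9d80fa92f3cad45"


def c2_hostnames(urls):
    """Reduce the C2 URLs to a set of lower-case hostnames for matching."""
    return {urlparse(u).hostname.lower() for u in urls}


def domain_matches(host, iocs):
    """True if host equals an IOC hostname or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == ioc or host.endswith("." + ioc) for ioc in iocs)


# Constructed sample log lines (assumed DNS query log and proxy CONNECT log
# formats); these are not from the report.
SAMPLE_LOGS = [
    "2024-11-19T10:01:02Z dns query ws01.corp.example A www.example.com",
    "2024-11-19T10:01:05Z dns query ws01.corp.example A offybirhtdi.sbs",
    "2024-11-19T10:01:06Z proxy CONNECT ws01.corp.example withdrwblon.cyou:443",
    "2024-11-19T10:02:10Z dns query ws02.corp.example A mail.example.com",
    "2024-11-19T10:02:11Z proxy CONNECT ws02.corp.example cdn.strikebripm.sbs:443",
]

DNS_RE = re.compile(r"^(?P<ts>\S+) dns query (?P<src>\S+) \S+ (?P<host>\S+)$")
PROXY_RE = re.compile(
    r"^(?P<ts>\S+) proxy CONNECT (?P<src>\S+) (?P<host>[^:\s]+)(?::\d+)?$"
)


def hunt_logs(lines, iocs):
    """Return (timestamp, source host, contacted host) for every line whose
    contacted host matches a C2 hostname or one of its subdomains."""
    hits = []
    for line in lines:
        m = DNS_RE.match(line) or PROXY_RE.match(line)
        if m and domain_matches(m.group("host"), iocs):
            hits.append((m.group("ts"), m.group("src"), m.group("host")))
    return hits


def file_hashes(data):
    """MD5/SHA1/SHA256 of a file's bytes, in the same form the report lists them."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def is_reported_sample(data):
    """True only if the SHA256 equals the report's target hash."""
    return file_hashes(data)["sha256"] == SAMPLE_SHA256


if __name__ == "__main__":
    iocs = c2_hostnames(LUMMA_C2_URLS)
    for ts, src, host in hunt_logs(SAMPLE_LOGS, iocs):
        print(f"{ts} {src} contacted Lumma C2 {host}")
    # A placeholder byte string, constructed here; it is not the sample.
    print("matches report hash:", is_reported_sample(b"not the sample"))
```

Matching subdomains matters because a stealer can reach its C2 through a host such as `cdn.<c2 domain>`; only exact matches would miss it. Hash matching is exact by design, so a repacked build of the same family will not match and must be caught by the C2 check or by behaviour.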

Targets

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a thread, usually one created suspended in another process; it is the step in process hollowing and thread hijacking that points the thread at injected code, so a packed sample calling it is a strong sign that it unpacks into a sacrificial process.

MITRE ATT&CK Enterprise v15

Tasks