General

  • Target

    cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a.exe

  • Size

    362KB

  • Sample

    241121-kfcmpszqby

  • MD5

    1b3c135d4e0f20b67ef9014623891ea5

  • SHA1

    04fd278709f419ac13d260e2a1abe689ac5b5579

  • SHA256

    cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a

  • SHA512

    b2252bf27c3071a44771189f6b2ae4a4ef05615cc01964ed33188b9a2a9890812b8150d8f3c30257ebebfeb0b8150ff838b65a4687363ef4a54fdbe842b3ec6c

  • SSDEEP

    6144:6zCUWZNi1IRsSdwqqo3lkpF7p3PHHQ21wIxyEqlnVj19OAqyN2CVLJj2vpw3qmNu:oC8MKqfVkT7aIxyEqpV9NkkqmNIxhc

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://commisionipwn.shop/api

https://stitchmiscpaew.shop/api

https://ignoracndwko.shop/api

https://grassemenwji.shop/api

https://charistmatwio.shop/api

https://basedsymsotp.shop/api

https://complainnykso.shop/api

https://preachstrwnwjw.shop/api

https://glassestacwop.shop/api

Targets

    • Target

      cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a.exe

    • Size

      362KB

    • MD5

      1b3c135d4e0f20b67ef9014623891ea5

    • SHA1

      04fd278709f419ac13d260e2a1abe689ac5b5579

    • SHA256

      cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a

    • SHA512

      b2252bf27c3071a44771189f6b2ae4a4ef05615cc01964ed33188b9a2a9890812b8150d8f3c30257ebebfeb0b8150ff838b65a4687363ef4a54fdbe842b3ec6c

    • SSDEEP

      6144:6zCUWZNi1IRsSdwqqo3lkpF7p3PHHQ21wIxyEqlnVj19OAqyN2CVLJj2vpw3qmNu:oC8MKqfVkT7aIxyEqpV9NkkqmNIxhc

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks