Overview

overview

10

Static

static

3

857270428d...23.exe

windows7-x64

7

857270428d...23.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    857270428d9d88c5da6d8b9d33059d4e29347637879a17975631408c5359b623.exe

  • Size

    6.8MB

  • Sample

    241121-pyl2bawqfq

  • MD5

    9cf2fcabd10ee683a3652815014b368c

  • SHA1

    f49914f1cf2b7fbba812eb8fd807b19065008b23

  • SHA256

    857270428d9d88c5da6d8b9d33059d4e29347637879a17975631408c5359b623

  • SHA512

    8dcf40e92d40627fb79413c6662e43e87d1dcd23e2825aa87a96e09706cff25e5e894376fdf5570d0e8470c36a4574810fc8afea3c720595fac07b93d0904117

  • SSDEEP

    196608:e741InG5lNniIbZg4TYc1vR31A4zur5MOjjDDTTVCjE/gsOt0G1:e741ZbPH1AJCY/Ur

Score
10/10
lummadiscoverypyinstallerstealer

Malware Config

Extracted

Family

lumma

C2

https://drawwyobstacw.sbs

https://condifendteu.sbs

https://ehticsprocw.sbs

https://vennurviot.sbs

https://resinedyw.sbs

https://enlargkiw.sbs

https://allocatinow.sbs

https://mathcucom.sbs

https://droppyrelivei.cfd

Targets

    • Target

      857270428d9d88c5da6d8b9d33059d4e29347637879a17975631408c5359b623.exe

    • Size

      6.8MB

    • MD5

      9cf2fcabd10ee683a3652815014b368c

    • SHA1

      f49914f1cf2b7fbba812eb8fd807b19065008b23

    • SHA256

      857270428d9d88c5da6d8b9d33059d4e29347637879a17975631408c5359b623

    • SHA512

      8dcf40e92d40627fb79413c6662e43e87d1dcd23e2825aa87a96e09706cff25e5e894376fdf5570d0e8470c36a4574810fc8afea3c720595fac07b93d0904117

    • SSDEEP

      196608:e741InG5lNniIbZg4TYc1vR31A4zur5MOjjDDTTVCjE/gsOt0G1:e741ZbPH1AJCY/Ur

    Score
    10/10
    discoverylummastealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks