General

  • Target

    1b3c135d4e0f20b67ef9014623891ea5.bin

  • Size

    341KB

  • Sample

    241122-bgjmzaxkfm

  • MD5

    a7d1371369344228837de4f7c6747c9d

  • SHA1

    1b797f1c4ac6c4621aa9b3a04c09d59c8a1bfcfd

  • SHA256

    f4dff599e5c8f56a210ccc333000f0d1326ab8bebbf4f9ff37073c2b5485642b

  • SHA512

    19c13bdf5f8f95f0166effaae34264ba319dbc6a446d1745baecf63cfff4dc45027b9b011489c42608ddc1769b3b6fd4a19ddcc005e4ac592aa5ffd1a66361bd

  • SSDEEP

    6144:VV4dK/bXkE8D3Z8IIQpZNiQOVT1NmwoL4AqOC2TtSZ7KOrH3+tCG:noKbkXGIlpZHOVTGwURq/2qNrXcCG

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://commisionipwn.shop/api

https://stitchmiscpaew.shop/api

https://ignoracndwko.shop/api

https://grassemenwji.shop/api

https://charistmatwio.shop/api

https://basedsymsotp.shop/api

https://complainnykso.shop/api

https://preachstrwnwjw.shop/api

https://glassestacwop.shop/api

Targets

    • Target

      cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a.exe

    • Size

      362KB

    • MD5

      1b3c135d4e0f20b67ef9014623891ea5

    • SHA1

      04fd278709f419ac13d260e2a1abe689ac5b5579

    • SHA256

      cf8db7212e45eb2db7593efdb294069ea6bfee32dc77f551b9cfcb5ee9ec069a

    • SHA512

      b2252bf27c3071a44771189f6b2ae4a4ef05615cc01964ed33188b9a2a9890812b8150d8f3c30257ebebfeb0b8150ff838b65a4687363ef4a54fdbe842b3ec6c

    • SSDEEP

      6144:6zCUWZNi1IRsSdwqqo3lkpF7p3PHHQ21wIxyEqlnVj19OAqyN2CVLJj2vpw3qmNu:oC8MKqfVkT7aIxyEqpV9NkkqmNIxhc

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks