General

  • Target

    02ec8860240f90b920bb2692f651d0ec712e511e0bd17a3b1048382fdfdcb4d8.exe

  • Size

    574KB

  • Sample

    241122-cf7h3sxrbr

  • MD5

    837840f37e344f8e7bc187f88f93c4a8

  • SHA1

    782edf606d07812ec71254cc9cf2260da2e3fd51

  • SHA256

    02ec8860240f90b920bb2692f651d0ec712e511e0bd17a3b1048382fdfdcb4d8

  • SHA512

    025068c49129a0d40235a9c80b6473e86b4d1209fabe953ac425628ad98e3b64106777014b5c20d24324991618d901c662feb69dc76cd7f68f39e415887c8480

  • SSDEEP

    12288:SRgyqSwAN2kLkjnP13tGIGef4cDDKeCxeAn3tCk9Rj71Mlr7v:ig2N2kLkTd3AIGFcDtSVvCr7v

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://fumblingactor.cyou/api

Targets

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks