Overview

overview

10

Static

static

3

2024-11-26...ys.exe

windows7-x64

10

2024-11-26...ys.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2024 05:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-11-26_18a86691a2db82617aabde69a7d059ba_avoslocker_luca-stealer_rhadamanthys.exe

  • Size

    9.9MB

  • MD5

    18a86691a2db82617aabde69a7d059ba

  • SHA1

    af5edfd3450f92556aaa4db40380ef40fe0900a3

  • SHA256

    f510ca0c11db664c2770289a4dc12bf178ea322d92183e6a405e81460effb5cb

  • SHA512

    12d85deacde4405d78bdf39e4bae402a0e7018049821d63f4963e5a79f56de206b7ec92b57c0b4dc8bcdbfe542ea61714efb263e815a066fe98bd844dde5fa3c

  • SSDEEP

    196608:kMKK8Gneb2pEjrJZaiywsQk2E+jT9YY6SZQGCB93LqyzYJ:lTpneVjrfJsRu6SzCP7qKYJ

Score
10/10
lummastealer

Malware Config

Extracted

Family

lumma

C2

https://richardflorespoew.shop/api

https://strwawrunnygjwu.shop/api

https://justifycanddidatewd.shop/api

https://raiseboltskdlwpow.shop/api

https://falseaudiencekd.shop/api

https://pleasurenarrowsdla.shop/api

https://feighminoritsjda.shop/api

https://marathonbeedksow.shop/api

https://rumorslottechnogso.shop/api

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Lumma family
    lumma

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-11-26_18a86691a2db82617aabde69a7d059ba_avoslocker_luca-stealer_rhadamanthys.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-11-26_18a86691a2db82617aabde69a7d059ba_avoslocker_luca-stealer_rhadamanthys.exe"
    1⤵
      PID:2168

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2168-1-0x0000000000404000-0x000000000041E000-memory.dmp

      Filesize

      104KB

      Download

    • memory/2168-2-0x0000000000230000-0x000000000023A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2168-3-0x0000000000230000-0x000000000023A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2168-4-0x0000000000240000-0x0000000000247000-memory.dmp

      Filesize

      28KB

      Download

    • memory/2168-6-0x0000000000250000-0x0000000000254000-memory.dmp

      Filesize

      16KB

      Download

    • memory/2168-8-0x00000000003E0000-0x00000000003F9000-memory.dmp

      Filesize

      100KB

      Download

    • memory/2168-10-0x0000000000404000-0x000000000041E000-memory.dmp

      Filesize

      104KB

      Download

    • memory/2168-11-0x0000000000243000-0x0000000000247000-memory.dmp

      Filesize

      16KB

      Download

    • memory/2168-18-0x0000000000400000-0x0000000000A08000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/2168-17-0x0000000000BB0000-0x0000000000C05000-memory.dmp

      Filesize

      340KB

      Download

    • memory/2168-16-0x00000000003E3000-0x00000000003F9000-memory.dmp

      Filesize

      88KB

      Download

    • memory/2168-15-0x00000000003E0000-0x00000000003F9000-memory.dmp

      Filesize

      100KB

      Download

    • memory/2168-14-0x0000000000250000-0x0000000000254000-memory.dmp

      Filesize

      16KB

      Download

    • memory/2168-13-0x0000000000240000-0x0000000000247000-memory.dmp

      Filesize

      28KB

      Download

    • memory/2168-12-0x0000000000233000-0x000000000023A000-memory.dmp

      Filesize

      28KB

      Download