Overview

overview

10

Static

static

3

Install.exe

windows7-x64

10

Install.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Install.exe

  • Size

    459KB

  • Sample

    241126-wya3dazjdm

  • MD5

    ad38d43c1eca47ac35ac2139b87379ac

  • SHA1

    86cbcc824c314d83a1e50c9a9c5e720a3a94944d

  • SHA256

    8bbceb5526f4c4cf26a60c0094e8ebbf7811cc54500bb86e07de84b64d5c223c

  • SHA512

    7fd4755a2111064a78fd2d9cefa67773bf7fb190e389aac5b460e9f4d82f0302524436989a86fc6b525208c81726a3830ad5ba447763152d5ca964c204c78e28

  • SSDEEP

    12288:vV4fznmsrVQRW8D8XpjHCpJ+IYCNIqI2070iailr7v:vuyCFXpc+IYvqager7v

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://property-imper.sbs

Extracted

Family

lumma

C2

https://blade-govern.sbs/api

https://story-tense-faz.sbs/api

https://disobey-curly.sbs/api

https://motion-treesz.sbs/api

https://powerful-avoids.sbs/api

Targets

    • Target

      Install.exe

    • Size

      459KB

    • MD5

      ad38d43c1eca47ac35ac2139b87379ac

    • SHA1

      86cbcc824c314d83a1e50c9a9c5e720a3a94944d

    • SHA256

      8bbceb5526f4c4cf26a60c0094e8ebbf7811cc54500bb86e07de84b64d5c223c

    • SHA512

      7fd4755a2111064a78fd2d9cefa67773bf7fb190e389aac5b460e9f4d82f0302524436989a86fc6b525208c81726a3830ad5ba447763152d5ca964c204c78e28

    • SSDEEP

      12288:vV4fznmsrVQRW8D8XpjHCpJ+IYCNIqI2070iailr7v:vuyCFXpc+IYvqager7v

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks