General
-
Target
608864a20a91e6fcacefa06046a522a66dbfe45f3f94adfc32ed89ffcae29907
-
Size
480KB
-
Sample
241126-xj94la1jdq
-
MD5
c1b5cae419a07b5bfeb4e958510f8637
-
SHA1
80c99f320d7b74fb100b51cd98a2ff232e286e63
-
SHA256
608864a20a91e6fcacefa06046a522a66dbfe45f3f94adfc32ed89ffcae29907
-
SHA512
eba55a7ee08a6be1cda57a97329d97fdb0450f1db9a13a5b88263d21497eeb5c844a5000f46f20de13f82fe92e17e3339031b3806832c0982ee5a30f83255a9b
-
SSDEEP
12288:iJB+nneDgkXFEIapcLRDW+vHfQ1n21GwriB4jP/9h:GAoR25pclDWMHQ21IWj/
Static task
static1
Behavioral task
behavioral1
Sample
608864a20a91e6fcacefa06046a522a66dbfe45f3f94adfc32ed89ffcae29907.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
608864a20a91e6fcacefa06046a522a66dbfe45f3f94adfc32ed89ffcae29907.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
lumma
Targets
-
Lumma family
-
Suspicious use of SetThreadContext
-