Overview

overview

10

Static

static

10

3924-41-0x...ry.exe

windows7-x64

1

3924-41-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3924-41-0x0000000000630000-0x0000000000ACF000-memory.dmp

  • Size

    4.6MB

  • MD5

    fe7734b40c6fb464519fcf4def8d953d

  • SHA1

    7702fee6cd861e13968bc53a5bdefcad8934f429

  • SHA256

    a6db4313edac318b615705eec92a587f2ec31b474fe6c04d5979c7e26446f3b9

  • SHA512

    abf58123f7f18195a8152180e5aed76e97020f5c2cb3bd757eb3028911c4023eb0caede97e8d2e06bde55cd9c5492d34cae8f45ca001908f97d0afac4cf41176

  • SSDEEP

    98304:wcDK/OfZqhT5YSc466O9Vnl+d5wZkYw2IQcFlR:wch5rVl+dkZwJDlR

Score
10/10
stealerlumma

Malware Config

Extracted

Family

lumma

C2

https://preside-comforter.sbs

https://savvy-steereo.sbs

https://copper-replace.sbs

https://record-envyp.sbs

https://slam-whipp.sbs

https://wrench-creter.sbs

https://looky-marked.sbs

https://plastic-mitten.sbs

https://hallowed-noisy.sbs

Signatures

  • Lumma family
    lumma
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3924-41-0x0000000000630000-0x0000000000ACF000-memory.dmp
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections