lumma | 8b99e5083df1ef3bd4f6975efd3ea32b4df2cd057d009c7c3f6b436b65076707

General

Target

1168-41-0x0000000000D50000-0x00000000011FF000-memory.dmp
Size

4.7MB
Sample

241127-ppqcdazmgq
MD5

8dee3175b07bc947836379af2e05f3a4
SHA1

a9a4ddc655509a6b1ffc9f4738fd0ea138a958b2
SHA256

8b99e5083df1ef3bd4f6975efd3ea32b4df2cd057d009c7c3f6b436b65076707
SHA512

31edd8bed3ff4ec45aa37863a433542f1b1ea6050f96c2401824aa5cdff4c7871e8f1f4c2f7e00d352162381f896731f31bb16fbcd430192a3cc44e93973f466
SSDEEP

49152:jadmhGh2AIqlgZ387Py8FQDRV+d043wfmmW3NeEaB8tW8cz5HZdSX6h2MhXR:ja4hw2tZ3yPycQt08+53iDlZdSX6hjT

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://property-imper.sbs

Targets

- Target
  
  1168-41-0x0000000000D50000-0x00000000011FF000-memory.dmp
- Size
  
  4.7MB
- MD5
  
  8dee3175b07bc947836379af2e05f3a4
- SHA1
  
  a9a4ddc655509a6b1ffc9f4738fd0ea138a958b2
- SHA256
  
  8b99e5083df1ef3bd4f6975efd3ea32b4df2cd057d009c7c3f6b436b65076707
- SHA512
  
  31edd8bed3ff4ec45aa37863a433542f1b1ea6050f96c2401824aa5cdff4c7871e8f1f4c2f7e00d352162381f896731f31bb16fbcd430192a3cc44e93973f466
- SSDEEP
  
  49152:jadmhGh2AIqlgZ387Py8FQDRV+d043wfmmW3NeEaB8tW8cz5HZdSX6h2MhXR:ja4hw2tZ3yPycQt08+53iDlZdSX6hjT
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2