lumma | bddbdbc20814b6e47536a93a3e5772c2c050c097423a8d5fd9bf65bc20e6a4c9

General

Target

3060-1231-0x00000000002F0000-0x000000000079F000-memory.dmp
Size

4.7MB
Sample

241127-pydd6szqcm
MD5

22ef696ef9c482b610733fda8f6794a2
SHA1

84eac4ee38733dbc92b54e234a7d325db8e24022
SHA256

bddbdbc20814b6e47536a93a3e5772c2c050c097423a8d5fd9bf65bc20e6a4c9
SHA512

d8ba06e89b72551f90375c28fa442d5dd09036e400cc2f9cbfdbeed8a3264e226f7fb8b2687a25521015a556c25748010dc4e95880621eda36b1036dabce0ebb
SSDEEP

49152:TZ8VW72f2AIqlgZ387PyMFQCYYo2d0Oy+fm+W3NeEaB8tW8cz5HZdSX6h2MhXR:l8Q7G2tZ3yPysQnmZ+R3iDlZdSX6hjT

Score

10^/10

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://property-imper.sbs

Targets

- Target
  
  3060-1231-0x00000000002F0000-0x000000000079F000-memory.dmp
- Size
  
  4.7MB
- MD5
  
  22ef696ef9c482b610733fda8f6794a2
- SHA1
  
  84eac4ee38733dbc92b54e234a7d325db8e24022
- SHA256
  
  bddbdbc20814b6e47536a93a3e5772c2c050c097423a8d5fd9bf65bc20e6a4c9
- SHA512
  
  d8ba06e89b72551f90375c28fa442d5dd09036e400cc2f9cbfdbeed8a3264e226f7fb8b2687a25521015a556c25748010dc4e95880621eda36b1036dabce0ebb
- SSDEEP
  
  49152:TZ8VW72f2AIqlgZ387PyMFQCYYo2d0Oy+fm+W3NeEaB8tW8cz5HZdSX6h2MhXR:l8Q7G2tZ3yPysQnmZ+R3iDlZdSX6hjT
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2