Overview

overview

10

Static

static

3

bc32cb3d79...b7.exe

windows7-x64

10

bc32cb3d79...b7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bc32cb3d7964088842b7040c23af2bff7f8e07781e8295a3e45871151052e7b7

  • Size

    488KB

  • Sample

    241127-xpe6eawjhw

  • MD5

    0e6fce268473aad13da6aa0c2e93ec94

  • SHA1

    d01b0c69c28b913c4dd3297ca6c78f98d6ba1972

  • SHA256

    bc32cb3d7964088842b7040c23af2bff7f8e07781e8295a3e45871151052e7b7

  • SHA512

    0122f8a058502df27efd7da995a5357f284ed307817f237109ca57891f3cf95959d31fda9b9c5815db0240019ec0a559deb4b2287cd10a70fcfbd9cb59d9ebd9

  • SSDEEP

    12288:FJB+nneDgkXFEIKUciGq/LCgvKXG9DhZiwC0:rAoR2x1iG8LCgN9lZi4

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://powerful-avoids.sbs

https://motion-treesz.sbs

https://disobey-curly.sbs

https://leg-sate-boat.sbs

https://story-tense-faz.sbs

https://blade-govern.sbs

https://occupy-blushi.sbs

https://frogs-severz.sbs

https://property-imper.sbs

Targets

    • Target

      bc32cb3d7964088842b7040c23af2bff7f8e07781e8295a3e45871151052e7b7

    • Size

      488KB

    • MD5

      0e6fce268473aad13da6aa0c2e93ec94

    • SHA1

      d01b0c69c28b913c4dd3297ca6c78f98d6ba1972

    • SHA256

      bc32cb3d7964088842b7040c23af2bff7f8e07781e8295a3e45871151052e7b7

    • SHA512

      0122f8a058502df27efd7da995a5357f284ed307817f237109ca57891f3cf95959d31fda9b9c5815db0240019ec0a559deb4b2287cd10a70fcfbd9cb59d9ebd9

    • SSDEEP

      12288:FJB+nneDgkXFEIKUciGq/LCgvKXG9DhZiwC0:rAoR2x1iG8LCgN9lZi4

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks