General
-
Target
2024-12-30_754e59126c2840e24ab1de60567a403d_frostygoop_snatch
-
Size
3.6MB
-
Sample
241230-ezn7ysxren
-
MD5
754e59126c2840e24ab1de60567a403d
-
SHA1
8c23b8d95d446de42abe3c12e6e522e8951b3ba9
-
SHA256
6c537a4b8caa82e449a355a5eee251684a3a15e85437d4f0be4917c5bb1eaad1
-
SHA512
b45750b45f9d3893650f5e519d5a93194d4b76f3004be8a9a6342834d8b5fd8e7ed1376fc7540a5e8eb13ca91584e3cdd0ab3149d401d4cac64e9ffc1c8745d5
-
SSDEEP
49152:ccWc+BmELGlkA0EhnZLLEXSHIv2IVADlZMy6M3amhITeL2Jx6RkIKyI8IDwJcTrr:ccW6KAder8ZzasYY
Malware Config
Extracted
lumma
https://cloudewahsj.shop/api
https://rabidcowse.shop/api
https://noisycuttej.shop/api
https://tirepublicerj.shop/api
https://framekgirus.shop/api
https://wholersorie.shop/api
https://abruptyopsn.shop/api
https://nearycrepso.shop/api
Extracted
lumma
https://abruptyopsn.shop/api
https://wholersorie.shop/api
https://framekgirus.shop/api
https://tirepublicerj.shop/api
https://noisycuttej.shop/api
https://rabidcowse.shop/api
https://cloudewahsj.shop/api
Targets
-
-
Target
2024-12-30_754e59126c2840e24ab1de60567a403d_frostygoop_snatch
-
Size
3.6MB
-
MD5
754e59126c2840e24ab1de60567a403d
-
SHA1
8c23b8d95d446de42abe3c12e6e522e8951b3ba9
-
SHA256
6c537a4b8caa82e449a355a5eee251684a3a15e85437d4f0be4917c5bb1eaad1
-
SHA512
b45750b45f9d3893650f5e519d5a93194d4b76f3004be8a9a6342834d8b5fd8e7ed1376fc7540a5e8eb13ca91584e3cdd0ab3149d401d4cac64e9ffc1c8745d5
-
SSDEEP
49152:ccWc+BmELGlkA0EhnZLLEXSHIv2IVADlZMy6M3amhITeL2Jx6RkIKyI8IDwJcTrr:ccW6KAder8ZzasYY
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-