General

  • Target

    0c77eac0fb4f7a0c8e51d7071cb17ba72c1f53ca292d2ae4d98ec768384e6069.zip

  • Size

    631KB

  • Sample

    241230-f6vhzszkap

  • MD5

    941f5f9e5887ca20c6da1b024af29fe1

  • SHA1

    790792e1568c7adfd83f4adf4637b8b0850df1f4

  • SHA256

    0c77eac0fb4f7a0c8e51d7071cb17ba72c1f53ca292d2ae4d98ec768384e6069

  • SHA512

    646673c84b8d916ca8a28a3d2070568d7404f99e7a678bcf95ef6d05119fbfb395ce05b63637297647f89255278d8dc7f6a65aec166b101cb8af19944eb14289

  • SSDEEP

    12288:o78dW5EcXmFOyiBNIppwJB3R7M6ETiVjmVYhHOXBUy1+1MKAyj+JDNjy3BynP3wQ:o7r+cXmFOy2qp+JBuBi9m7m

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    • Target

      0c77eac0fb4f7a0c8e51d7071cb17ba72c1f53ca292d2ae4d98ec768384e6069.zip

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15