General

  • Target

    b61786dafa647f621146b04f3fc5138f9d7c983a29f230c93ca8c53b3774714d.zip

  • Size

    9.4MB

  • Sample

    241230-f7j4mszlfk

  • MD5

    285cac33ec57eb0292c4cbdbb08512ef

  • SHA1

    f3e21f99a36550caf7dde81f432caae73f5674da

  • SHA256

    b61786dafa647f621146b04f3fc5138f9d7c983a29f230c93ca8c53b3774714d

  • SHA512

    9f7917bf30acd8d855cfdf090f20ced8342b2684ba8b800024c4a953a1d8a2305758f20c9545b632426ff0251ea6841b349d8f98e2cc14c4de926fd5026c122b

  • SSDEEP

    196608:k4kCpos9N8savgdRxKRQ91gatf924tV3fAUQj/NKtjudj9Sb1pa87W5b:ndOsbPavgTB91b/tV3IdKCjeHjSh

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://delaylacedmn.site/api

https://writekdmsnu.site/api

https://agentyanlark.site/api

https://bellykmrebk.site/api

https://underlinemdsj.site/api

https://commandejorsk.site/api

https://possiwreeste.site/api

https://famikyjdiag.site/api

Targets

    • Target

      Setup.exe

    • Size

      666.6MB

    • MD5

      29a7975829887933ca82a068fc1bd3dc

    • SHA1

      25c651c85e118f87ed21d964874844dbe51b554a

    • SHA256

      f2676cf687c39f97a5facdf0079c7243bdacaf534fb1d98b5fdcc56a375b58c9

    • SHA512

      5d252bd7db79e22b1b73efdf47be93dda7027d034852031b4ff87f9a49b53e120a53bdb47ae1467a303c1195ff60456d42c3631133266a166c7d0980b2c4c6ac

    • SSDEEP

      196608:Q3EFWw+E6UuEpLn27eg3gt/zeRSJM3f0oLxDt19r/TVCa7wDGR:DFWqOF

    Score
    10/10

    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ that was first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15