General

  • Target: 0f1b94f36ea714a1071a826eb47d972f1769e9e139bf3b4fb88f555dfc457603.zip
  • Size: 13.0MB
  • Sample: 241230-f7keeazlds
  • MD5: ed29e6a43cb99ef1c71fab04e9a18bc1
  • SHA1: b14d13a6c47893cdbb17b89ef1952577c5f2506a
  • SHA256: 0f1b94f36ea714a1071a826eb47d972f1769e9e139bf3b4fb88f555dfc457603
  • SHA512: 5b0115ca1daa6387016693b6ccb7662ca89a76caa6e0c41f56b89dfbc109601f1d2a8d30fa93d0ff641d6282b96813650e98cd0007df4612db6d743fa8150c0d
  • SSDEEP: 196608:h05c4cVRkkN/QSwX7xs43UVSQK4l3dVMAyt/rfrdAWDWpueLVMM061MlG9/Fhk2t:hQc6kJoX9j4lCRfr6AveRMMKUB8WZ

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target: Setup.exe
    • Size: 679.9MB
    • MD5: 8abc5e36759219b71d185846fc66c0e6
    • SHA1: 491339930d88a891baae5b8f7d634d7740bf7826
    • SHA256: 04b41a4960228a64cd1a7b93e27221bfa38c75e389c446bd19b2708839583b8f
    • SHA512: 76f4f6186c2f5717e4f76504e4df05c5443bebb107fa41f1b629f9f7d48f6cff06c44f719de2e9532f91f09bee4afc95a054dd6d49a7361d3041e4f4d2a93ff8
    • SSDEEP: 196608:0+9mlxAMFyzUA7Xe5u8E9qj13B0J/cr5Rx5M+Rzh1pc:0+QlxHBMu5Bv3BM

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, also known as LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
