General

  • Target

    Exloader.zip

  • Size

    940KB

  • Sample

    241230-vn7sxszrcp

  • MD5

    834603bb44e18d43cdf246be65c3e028

  • SHA1

    880ef93410e11c722819af031a6aece9e000f74a

  • SHA256

    c1499d02dba66cab5de2423a72b06120ec90a98ffd29dc75ccc2c4946daea86f

  • SHA512

    f3629fe33b279cfeb7dbf78f73469faf50baeeab597fe80808fd143b6cd94c6fa7b27bead52d55a2e58b9342f9fe03a211710cab47d07294175b22f1893a4879

  • SSDEEP

    24576:QqhI9vYc853RS0jkBz4F4JcLPeDO8ehmNoX:QqgvD8S9B4F4cGDO8m

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      ybisaarina_crypted_LAB.exe

    • Size

      494KB

    • MD5

      a60b981a1ec96819ff9d0ecac06e4f7f

    • SHA1

      d78a13fc46e18ce3dffc72eb3885696014b099d0

    • SHA256

      842c6926b38c80a4d19e965e9ffbc8073537a0c3393b5d34c203048441686651

    • SHA512

      61caaa8e5faeaa88552cbb9730f4919e2c43ce31526b2e32682eef688c37420ad6e0b60d008f79b53af1c2c96d8cb7886289127992395ca043605feeffc0bd91

    • SSDEEP

      12288:qZqOSYt4cgd2+Xn+NB7proA9KjE+EEjoVAwj4NEeX:qsOSKgx3khrkdIAwj4NEG

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks