Overview

overview

10

Static

static

1

fadc67d2ed...0f.exe

windows7-x64

10

fadc67d2ed...0f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fadc67d2ed4a8c2a52dc15ffcaaef1e61bab0707b37893e4b45b96df03ee3a0f.exe

  • Size

    429KB

  • Sample

    241231-dn4mtsvjcy

  • MD5

    f51a40d5bf9b9c5007742e1b9c4b384a

  • SHA1

    226ec50e7a706aaa7dfab94c857efce27af86b9e

  • SHA256

    fadc67d2ed4a8c2a52dc15ffcaaef1e61bab0707b37893e4b45b96df03ee3a0f

  • SHA512

    fdd0eaf8b7f731d215b3ec881acb4fb83922f25eaceddb621a9324a6e147c3bc7305f1a742526a4dc83bafccf7b8e93d3d42672c34e1f0ec778990fd70055363

  • SSDEEP

    12288:GxNrLsok+24E7KlqmWIp2wWdgoyCdvs/OssEelr7v:G7n3k+C1xvwWdVXdvmOuqr7v

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://sordid-snaked.cyou/api

https://awake-weaves.cyou/api

https://wrathful-jammy.cyou/api

https://debonairnukk.xyz/api

https://diffuculttan.xyz/api

https://effecterectz.xyz/api

https://deafeninggeh.biz/api

https://immureprech.biz/api

Targets

    • Target

      fadc67d2ed4a8c2a52dc15ffcaaef1e61bab0707b37893e4b45b96df03ee3a0f.exe

    • Size

      429KB

    • MD5

      f51a40d5bf9b9c5007742e1b9c4b384a

    • SHA1

      226ec50e7a706aaa7dfab94c857efce27af86b9e

    • SHA256

      fadc67d2ed4a8c2a52dc15ffcaaef1e61bab0707b37893e4b45b96df03ee3a0f

    • SHA512

      fdd0eaf8b7f731d215b3ec881acb4fb83922f25eaceddb621a9324a6e147c3bc7305f1a742526a4dc83bafccf7b8e93d3d42672c34e1f0ec778990fd70055363

    • SSDEEP

      12288:GxNrLsok+24E7KlqmWIp2wWdgoyCdvs/OssEelr7v:G7n3k+C1xvwWdVXdvmOuqr7v

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks