Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://objects.gith...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://objects.githubusercontent.com/github-production-release-asset-2e65be/771926130/4e76e052-3290-4ffc-bd39-d95dbac8fdbb?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241231%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241231T144321Z&X-Amz-Expires=300&X-Amz-Signature=296e90e35a941b91c0cd60260bbd124ae3cfe43c49d99118e67673a84a29b18d&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DSolara.zip&response-content-type=application%2Foctet-stream

  • Sample

    241231-r3wgnaxnck

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Extracted

Family

lumma

C2

https://fancywaxxers.shop/api

Targets

    • Target

      https://objects.githubusercontent.com/github-production-release-asset-2e65be/771926130/4e76e052-3290-4ffc-bd39-d95dbac8fdbb?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241231%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241231T144321Z&X-Amz-Expires=300&X-Amz-Signature=296e90e35a941b91c0cd60260bbd124ae3cfe43c49d99118e67673a84a29b18d&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DSolara.zip&response-content-type=application%2Foctet-stream

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks