Resubmissions

01-01-2025 22:50

250101-2sgkvs1mgn 10

01-01-2025 21:53

250101-1rngcawnbw 10

General

  • Target

    SkyRant.dat

  • Size

    455KB

  • Sample

    250101-2sgkvs1mgn

  • MD5

    a495d45240cb3b13dff8dff6543aedfd

  • SHA1

    4d6efc5a7cdb64626cfbfe3f5fe481cce37ab6f8

  • SHA256

    9edb0d588099b6b4aa51ddf60ae1626345f886aa31a02db7c197b73ac316fc53

  • SHA512

    a44b2a82bf451b284397ae48e59eb6a341d2f4d0e8acc1e1692e4b9c491d9decfe60739af12c5a118007714daa8d93b0f47399d881bb0bed2387fea5cd5dfd2c

  • SSDEEP

    6144:XQzgB9vCGJsZ7k1lvZPo9haRmOY4YCWwXoC8PHHixAa1ZWy2+5WSNPVPPAIRnY6l:gzq1HlRA94m5f1C8PdZyf5Wkd35nY6eg

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      SkyRant.exe

    • Size

      582KB

    • MD5

      e6da74ca829353072a5e5c24237e1a47

    • SHA1

      2c79d56af355992c19e7f775d20474fe5a0cc917

    • SHA256

      9b08b9086893238c3142fa2e65bfe57261cfc2e0725839ca8ff8fac7bac8fedb

    • SHA512

      5a5a8bae31d9c1c1b56811c160f7fc421b56b84e0d80c13731a2150e542abf5037bccccbfbe686fd24d8c2f5b073c60c2c2200fbfde935c0cd7d0f97293e14f5

    • SSDEEP

      12288:nHcEXerLGzq/92UydzT24ymAiPER7zAhCZpBo9vUQpyKHyEO:HcWePqqECvFZpMpyKSt

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext
