General

  • Target

    ✺⇉Δ†ε$†✺$ε†μρ✺Unℓ◎ck Kε¥✺{9192}✺⇉-A.zip

  • Size

    48.2MB

  • Sample

    250101-ype13s1nfw

  • MD5

    09454318e53b61c253ede49c0dbaf627

  • SHA1

    e1adb3af144983c9584acf3cf2ec177baf9d760b

  • SHA256

    4df1cacfcc528146da82cdf81c4516375828aa86f5b41c693852de7779c8661d

  • SHA512

    380625eb62997df59b64dbb3b4413085b05d79747a2efbf6a6e0fa4c72323cff612d83acb23d2a370eb19265eea88be16e7fb5a1d46ae3ae108a31705d5b8c66

  • SSDEEP

    1572864:vEruPcwXqr5pqlYCK47s1xT/cwXqr5pq3YCK47s1xxpxWPG:vEruPJXqr5p+YC37Ol/JXqr5pyYC37Ox

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://servicedny.site/api

https://authorisev.site/api

https://faulteyotk.site/api

https://dilemmadu.site/api

https://contemteny.site/api

https://goalyfeastz.site/api

https://opposezmny.site/api

https://seallysl.site/api

https://intentiongi.cyou/api
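The nine C2 URLs above are the most immediately actionable part of this report. The following is an added example, not part of the sandbox output or of any Lumma tooling: it reduces the extracted URLs to a hostname set, matches that set exactly (no substring hits) against constructed Squid-style proxy log lines, and emits Suricata TLS-SNI rules for the same hostnames. The log lines, client addresses and the SID range starting at 1000001 are assumptions made for the example.

```python
# Added example: hunt and block list derived from the Lumma config extracted above.
# Not code from the sandbox report; the log sample and SID range are constructed.
from urllib.parse import urlparse

# C2 URLs copied verbatim from the "Malware Config" section of the report.
LUMMA_C2 = [
    "https://servicedny.site/api",
    "https://authorisev.site/api",
    "https://faulteyotk.site/api",
    "https://dilemmadu.site/api",
    "https://contemteny.site/api",
    "https://goalyfeastz.site/api",
    "https://opposezmny.site/api",
    "https://seallysl.site/api",
    "https://intentiongi.cyou/api",
]


def c2_domains(urls):
    """Return the set of lower-cased hostnames from the extracted C2 URLs."""
    return {urlparse(u).hostname.lower() for u in urls if urlparse(u).hostname}


# Constructed sample proxy log (Squid native access.log layout, hypothetical):
# timestamp elapsed client code/status bytes method url rfc931 peer type
SAMPLE_LOG = """\
1735689600.123 45 10.0.0.5 TCP_TUNNEL/200 1234 CONNECT servicedny.site:443 - HIER_DIRECT/203.0.113.10 -
1735689601.456 12 10.0.0.7 TCP_MISS/200 5678 GET https://www.example.com/index.html - HIER_DIRECT/198.51.100.20 text/html
1735689602.789 33 10.0.0.5 TCP_TUNNEL/200 2222 CONNECT intentiongi.cyou:443 - HIER_DIRECT/203.0.113.11 -
1735689603.000 10 10.0.0.9 TCP_MISS/200 100 GET http://notservicedny.site/api - HIER_DIRECT/203.0.113.12 text/html
"""


def destination_host(target):
    """Extract the host from a proxy URL field: 'host:port' for CONNECT, full URL otherwise."""
    if "://" in target:
        return urlparse(target).hostname
    return target.rsplit(":", 1)[0] or None


def find_c2_hits(log_text, domains):
    """Return (client_ip, host) for each line whose destination host is exactly a C2 domain.

    Exact matching matters: 'notservicedny.site' must not fire on 'servicedny.site'.
    """
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue  # malformed or truncated line; skip rather than guess
        client, target = fields[2], fields[6]
        host = destination_host(target)
        if host and host.lower() in domains:
            hits.append((client, host.lower()))
    return hits


def suricata_sni_rules(domains, base_sid=1000001):
    """Generate one Suricata rule per C2 hostname, matching the TLS SNI exactly.

    startswith+endswith together pin the content to the whole SNI buffer, so
    look-alike or parent domains do not trigger the rule.
    """
    rules = []
    for i, host in enumerate(sorted(domains)):
        rules.append(
            'alert tls $HOME_NET any -> $EXTERNAL_NET any '
            f'(msg:"Lumma Stealer C2 SNI {host}"; flow:established,to_server; '
            f'tls.sni; content:"{host}"; startswith; endswith; nocase; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    domains = c2_domains(LUMMA_C2)
    for client, host in find_c2_hits(SAMPLE_LOG, domains):
        print(f"C2 contact: {client} -> {host}")
    print()
    print("\n".join(suricata_sni_rules(domains)))
```

Matching on the TLS SNI rather than on the `/api` path is deliberate: the path is only visible after decryption, whereas the SNI is in the clear in the ClientHello. For DNS logs the same `c2_domains` set can be used directly against the query name.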

Targets

    • Target

      ✺⇉Δ†ε$†✺$ε†μρ✺Unℓ◎ck Kε¥✺{9192}✺⇉-A/Setup.exe

    • Size

      31KB

    • MD5

      67dedab5bc0159f7cc61cb4b46daa6f1

    • SHA1

      5d57ef4bd9b6ac672c413c5e8495263672f090e3

    • SHA256

      0e6f5eaa2cd91747213f6aec05e3de6fb46ea2b7cf4d5f3ac267128abc784d00

    • SHA512

      4c7ed5d6e0a76ac6eec79e50ae9cd4b5fe3eacda574606e47d85bba1739902d688aa6f5ec03e7863ec9d36bdadf6229f64bce8fe33bacf38e84e50332a30caf0

    • SSDEEP

      768:MEH9SEBh8GdMrawYnZO44H2ekz/5Z+MMcS:M8RdMXYnZO4Y2ekT5Zgc

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma (also known as LummaC) is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

      SetThreadContext on a thread of another process is the usual final step of process hollowing: the injected code is written into a suspended process and the thread's instruction pointer is redirected to it. Taken with the "Executes dropped EXE" and "Loads dropped DLL" hits above, this is consistent with the 31KB Setup.exe acting as a loader for a dropped payload rather than being the stealer itself.
