General
-
Target
Kapu.rar
-
Size
1.9MB
-
Sample
250103-p3atvaxnfl
-
MD5
ba5e0c9d36e26c53cfa81677a61b64fb
-
SHA1
2ed99fdd7461904c31904f1867fab42ce8e8492a
-
SHA256
536e673034daa75a6067e4ed96ce8ac3c3a38fe8fd34e29598aa6a03f041b86f
-
SHA512
3a5304aee10d44b17638c366618800627dd7b130ae82b0656a7b4ad1b3914dfb92d428c0fbcaef243ca926c098cf0b8021f987a76f447490be092b44e1eb0003
-
SSDEEP
49152:JLBWC6uwwyMd74IAHLUdsRQlAmESJdhGz:xvvd4IA7RSPU
Malware Config
Extracted
lumma
https://cloudewahsj.shop/api
https://rabidcowse.shop/api
https://noisycuttej.shop/api
https://tirepublicerj.shop/api
https://framekgirus.shop/api
https://wholersorie.shop/api
https://abruptyopsn.shop/api
https://nearycrepso.shop/api
https://fancywaxxers.shop/api
Extracted
lumma
https://fancywaxxers.shop/api
https://abruptyopsn.shop/api
https://wholersorie.shop/api
https://framekgirus.shop/api
https://tirepublicerj.shop/api
https://noisycuttej.shop/api
https://rabidcowse.shop/api
https://cloudewahsj.shop/api
Targets
-
-
Target
Loader.exe
-
Size
525KB
-
MD5
a2c984080959984a95dd3866cac12eb4
-
SHA1
60c97b6517c3cc9c2929b21671fd0be57c3ee2b3
-
SHA256
4846078ccacb8f53da9e076f0ca26c03b30fef48641bc041b5b73b4b7394fdae
-
SHA512
957cc63ecc132601ad142a9c97eb14e74e803b3ff5c0535eb15c30d3a946e5024ba5faa689ee80c6c00de4a940024c444e1a79240c39a2b078c3105ff73136f6
-
SSDEEP
6144:Lr9xtwB0u86qlmi0vL9xyXSNQzgTqBqpTH4s9O2Vm1b7/0mqUtsB8xZI/3w99BJw:LztE0u86qlmk/zIp4sl23NtCuI8BJy9
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-