General

  • Target

    EulenCheats-main.zip

  • Size

    988KB

  • Sample

    250103-z75vwswrcn

  • MD5

    b7f98631779f5ebd214c23cf16cb6fdd

  • SHA1

    2dedd94e51fe3e3f2d029061e944026b0dbdb37c

  • SHA256

    f2965186d8e79115a2478863a7b2804244e4372faaf5d5323f260c1030d27657

  • SHA512

    eba81d8636aeefbed0e55043cd2b5229bce020fe2022e224a1d55ad22efa1f9c1855ea56850ce31ff8dd1712423347741cfa1ba3f7d80056bdeac7669c58da7e

  • SSDEEP

    24576:ZUGpuVhxFetCJgbWJQmrfjNiVrGroGxgkIKgr:ZvuPx4tCJgSJf/NqrGMGxUdr

Score
10/10

Malware Config

Extracted

Family

lumma

C2


Targets

    • Target

      EulenCheats-main/Loader.exe

    • Size

      393KB

    • MD5

      3c4161be295e9e9d019ce68dae82d60a

    • SHA1

      36447fc6418e209dff1bb8a5e576f4d46e3b3296

    • SHA256

      0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d

    • SHA512

      cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6

    • SSDEEP

      12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext
