lumma | 1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751[.]dat-decoded[.]exe | Triage

Resubmissions

06/01/2025, 02:34 UTC

250106-c2h3lswkar 10

06/01/2025, 01:44 UTC

250106-b59t3atrdq 10

06/01/2025, 01:44 UTC

250106-b5xjqs1rbx 10

06/01/2025, 01:43 UTC

250106-b5nlts1raz 10

06/01/2025, 00:38 UTC

250106-ay3azaspam 10

06/01/2025, 00:33 UTC

250106-awcyassncn 10

05/01/2025, 22:53 UTC

250105-2vdlzszqej 10

05/01/2025, 22:33 UTC

250105-2gzx3axrdt 10

05/01/2025, 22:09 UTC

250105-12zmcsxnfy 10

04/01/2025, 05:00 UTC

250104-fng5yavrdl 10

Sharing

General

Target

1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe
Size

332KB
MD5

e32ee103ae9a3e75d0df2a6bbe516997
SHA1

cc963cc4e0c3e429b2851cc1ec0f159fa322d4a9
SHA256

991cb2f1222cdd00eb93d17b0cc3c4488ebffc53d30d604486592d78a1349419
SHA512

3e3add78bb7175ab876aa975b247f3c317a6ca3fa7a50df40f74611419103017c2dcaec323563586a751b4c4a43635abaac09e43e4881f37bc943b07573014e6
SSDEEP

6144:lFgxMjpdFf/qguD8qF5bIzTfpnvzVd1Ke4lyCazz2h96Q:IMdd7uD8GwpbVnKT86h96

Score

10^/10

stealer lumma

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Signatures

Lumma family
lumma

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe

Files

1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ