Resubmissions
06-01-2025 23:49
250106-3vgt3stmct 1004-01-2025 06:36
250104-hdeceayrbk 1004-01-2025 06:32
250104-ha3wlaxjgt 1004-01-2025 06:27
250104-g7slfsynfk 1004-01-2025 06:18
250104-g22l6sylgl 1004-01-2025 06:07
250104-gvpc9syjbr 1004-01-2025 05:49
250104-gh6f1sxnaj 1004-01-2025 05:46
250104-gf9qnavpds 1004-01-2025 05:45
250104-gfx2vsvpbz 1004-01-2025 05:38
250104-gb1besxkcl 10General
-
Target
EulenCheats-main.zip
-
Size
988KB
-
Sample
250104-gh6f1sxnaj
-
MD5
b7f98631779f5ebd214c23cf16cb6fdd
-
SHA1
2dedd94e51fe3e3f2d029061e944026b0dbdb37c
-
SHA256
f2965186d8e79115a2478863a7b2804244e4372faaf5d5323f260c1030d27657
-
SHA512
eba81d8636aeefbed0e55043cd2b5229bce020fe2022e224a1d55ad22efa1f9c1855ea56850ce31ff8dd1712423347741cfa1ba3f7d80056bdeac7669c58da7e
-
SSDEEP
24576:ZUGpuVhxFetCJgbWJQmrfjNiVrGroGxgkIKgr:ZvuPx4tCJgSJf/NqrGMGxUdr
Malware Config
Extracted
lumma
https://sordid-snaked.cyou/api
https://awake-weaves.cyou/api
https://wrathful-jammy.cyou/api
https://debonairnukk.xyz/api
https://diffuculttan.xyz/api
https://effecterectz.xyz/api
https://deafeninggeh.biz/api
https://immureprech.biz/api
Targets
-
-
Target
EulenCheats-main/Loader.exe
-
Size
393KB
-
MD5
3c4161be295e9e9d019ce68dae82d60a
-
SHA1
36447fc6418e209dff1bb8a5e576f4d46e3b3296
-
SHA256
0f6481dabf7871823f259eb95f3b85c37d1de8a7d1884ac77a97d887cf96f75d
-
SHA512
cfa2d491a5d28beb8eb908d5af61254ac4c4c88e74c53d5d00ae15ef0731df1654304199996545d1074814c0ea8a032957b28d70774f05347616428e667f70e6
-
SSDEEP
12288:ndoOphZgRZGJZzu/aeZjl5FeBTCVpgTfR:ndl/QZGTuHhjFe1C3gt
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-