Overview

overview

10

Static

static

1

5db086810e...5N.exe

windows7-x64

3

5db086810e...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5db086810e23a0a6d59a3cd203a59039a2f99f4914a07e9f60955e5d522a5675N.exe

  • Size

    545KB

  • Sample

    250104-n6k9ba1jcr

  • MD5

    cc57562764c9ba73ef6bf0f056e12e30

  • SHA1

    97147bf2317534d7908e18ad1139d2bf04e54990

  • SHA256

    5db086810e23a0a6d59a3cd203a59039a2f99f4914a07e9f60955e5d522a5675

  • SHA512

    ddbe6484f9f4d98b0ad09a017733599bc62da20e02549d1751c11d9f460c8c95ec0d1563cc5c034e6a7b15d36ca8a3febe2cf7a7aae7e138d1e5e4feea42019b

  • SSDEEP

    12288:Hn9kenWw3Pl/BVHtRPoJU4fZ8dzLO1lotdBhp4HEO:HCenjzR4UcSdzLWo94Ht

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://standingcomperewhitwo.shop/api

https://innerverdanytiresw.shop/api

https://lamentablegapingkwaq.shop/api

https://sturdyregularrmsnhw.shop/api

https://stickyyummyskiwffe.shop/api

https://greentastellesqwm.shop/api

https://macabrecondfucews.shop/api

https://distincttangyflippan.shop/api

https://willingyhollowsk.shop/api

Targets

    • Target

      5db086810e23a0a6d59a3cd203a59039a2f99f4914a07e9f60955e5d522a5675N.exe

    • Size

      545KB

    • MD5

      cc57562764c9ba73ef6bf0f056e12e30

    • SHA1

      97147bf2317534d7908e18ad1139d2bf04e54990

    • SHA256

      5db086810e23a0a6d59a3cd203a59039a2f99f4914a07e9f60955e5d522a5675

    • SHA512

      ddbe6484f9f4d98b0ad09a017733599bc62da20e02549d1751c11d9f460c8c95ec0d1563cc5c034e6a7b15d36ca8a3febe2cf7a7aae7e138d1e5e4feea42019b

    • SSDEEP

      12288:Hn9kenWw3Pl/BVHtRPoJU4fZ8dzLO1lotdBhp4HEO:HCenjzR4UcSdzLWo94Ht

    Score
    10/10
    discoverylummastealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks