Resubmissions

08-01-2025 01:16  250108-bm46vszkaj  score 10
07-01-2025 22:37  250107-2jz1vatpdr  score 10
07-01-2025 22:11  250107-14bnbasrfr  score 10
06-01-2025 21:24  250106-z9bd3ayjes  score 10
06-01-2025 04:52  250106-fhgxzsyphk  score 10
06-01-2025 04:46  250106-fdzl8sypaj  score 10
06-01-2025 04:34  250106-e679eaymcj  score 10
06-01-2025 04:26  250106-e2kybawlex  score 10
06-01-2025 03:47  250106-ecn9favpcw  score 10
06-01-2025 03:19  250106-dvk43avkaw  score 10

General

  • Target: setup.exe
  • Size: 793KB
  • Sample: 250106-a9h2gasrgp
  • MD5: 5b3e5ace672f4250aeb06382579d165d
  • SHA1: 5f1d413192d92fa9a58cd5208963cda6c6c7c678
  • SHA256: 1f8c9a3874f67a64d9ffff9f73d608d62dbd93a443404d969455e03b62e5fd48
  • SHA512: 115551e9a8186986761c03d66928e432410b9c310f2dd862155cfddf1dd01133563a611e12998e898cbd78dce5ad8c2f4da923c5c2e3cec08d20bd38d644695c
  • SSDEEP: 12288:d3K1Pp+lMeB8UODTAFKHMRTviTOODTAFKHMRTviTr:JK1PSMZx0FKsRTqT/0FKsRTqTr

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Extracted

Family

lumma

C2

https://abruptyopsn.shop/api

https://wholersorie.shop/api

https://framekgirus.shop/api

https://tirepublicerj.shop/api

https://noisycuttej.shop/api

https://rabidcowse.shop/api

https://cloudewahsj.shop/api

Targets

    • Target: setup.exe
    • Size: 793KB
    • MD5: 5b3e5ace672f4250aeb06382579d165d
    • SHA1: 5f1d413192d92fa9a58cd5208963cda6c6c7c678
    • SHA256: 1f8c9a3874f67a64d9ffff9f73d608d62dbd93a443404d969455e03b62e5fd48
    • SHA512: 115551e9a8186986761c03d66928e432410b9c310f2dd862155cfddf1dd01133563a611e12998e898cbd78dce5ad8c2f4da923c5c2e3cec08d20bd38d644695c
    • SSDEEP: 12288:d3K1Pp+lMeB8UODTAFKHMRTviTOODTAFKHMRTviTr:JK1PSMZx0FKsRTqT/0FKsRTqTr

    Score
    10/10

    Signatures
    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
