General
-
Target
file
-
Size
8KB
-
Sample
250106-v5wrzsvldr
-
MD5
aff7e4986f6178908c8641c56886529f
-
SHA1
122e180054a966d5bf572d04df621df04e43b47f
-
SHA256
983731d73b9c5a37b344f3c551894764e42b341ade4c0f3357af5b1e07af4025
-
SHA512
f6510d76c57e580258f75b33657b580e2c6b7f902c08d7e8e275adc53667e252411d3cb6454a62f86280ff0f72c73f6101fa3154b15b40f1ca087dce4104fc4b
-
SSDEEP
192:PN2x2B7PmFGx7rqkJHkCRPIewLdt/1l3ly9N:AxyuFGRzu8AewLL3eN
Malware Config
Extracted
lumma
https://cloudewahsj.shop/api
https://rabidcowse.shop/api
https://noisycuttej.shop/api
https://tirepublicerj.shop/api
https://framekgirus.shop/api
https://wholersorie.shop/api
https://abruptyopsn.shop/api
https://nearycrepso.shop/api
Extracted
lumma
https://wholersorie.shop/api
https://framekgirus.shop/api
https://tirepublicerj.shop/api
https://noisycuttej.shop/api
https://rabidcowse.shop/api
Targets
-
-
Target
file
-
Size
8KB
-
MD5
aff7e4986f6178908c8641c56886529f
-
SHA1
122e180054a966d5bf572d04df621df04e43b47f
-
SHA256
983731d73b9c5a37b344f3c551894764e42b341ade4c0f3357af5b1e07af4025
-
SHA512
f6510d76c57e580258f75b33657b580e2c6b7f902c08d7e8e275adc53667e252411d3cb6454a62f86280ff0f72c73f6101fa3154b15b40f1ca087dce4104fc4b
-
SSDEEP
192:PN2x2B7PmFGx7rqkJHkCRPIewLdt/1l3ly9N:AxyuFGRzu8AewLL3eN
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
A potential corporate email address has been identified in the URL: [email protected]
-
Executes dropped EXE
-
Enumerates processes with tasklist
-