General

  • Target: 7003027ab2a059240e80ef85195a74cdb601c96263a99835a3a746d294033865.zip
  • Size: 9.1MB
  • Sample: 250107-acl2vstrgx
  • MD5: 3a9ec2adcf2e5a8d607cb8162235781b
  • SHA1: 468ba4e5c02a507010f6c2b6d64a6a4b090e613d
  • SHA256: 7003027ab2a059240e80ef85195a74cdb601c96263a99835a3a746d294033865
  • SHA512: cae42e54e77b780e0e7e53091d14eca37c54a165e8eecf4b68278ee53f48837ae35ff7ef7d4fe4720c5cced8383e1f727d027ae1d6223ae1afccb9d199a21a38
  • SSDEEP: 196608:tsjGwzG3DXh7YF3qlXT1u5CgX3FFd3T+u9M4xAiDa9sfpp:tsGlh75u5XHF/3T+0MWBp

Score: 10/10

Malware Config

Extracted

  • Family: lumma
  • C2: https://detailshaeje.cfd/api

Targets

    • Target: keygen pl7 pro v4 5.exe
    • Size: 867.2MB
    • MD5: edf30ffa29debe70cba82d686c473177
    • SHA1: 05a0f303c1263cb58cf9367e50dc248f01d9bd6c
    • SHA256: ca3636c22f2c69d18cc47309aac0450f6b9dd62f175d4994d4652dc2ee29317e
    • SHA512: 9aadc6398da79e8e26081221613ac4a530b6dbff7533c5cdca1f7dba2ec2c349ce104518038914ccc2e4e413f2abd5c5bf3381b4319fea554775ef9fcbd3efb8
    • SSDEEP: 393216:1tVrjTLh6DD8z3Pn9wsh+JSgrl0yUeNQVdt5HKOy2:7G7yVnp

    Score: 10/10

    Signatures
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++, first seen in August 2022.

    • Lumma family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates processes with tasklist

    • Suspicious use of SetThreadContext
