Overview

overview

10

Static

static

3

2bf0be6674...93.exe

windows7-x64

10

2bf0be6674...93.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2bf0be66745f8efdf9d0a8c3b0682848f9f3bf745e651d648afb32fc58a02a93.zip

  • Size

    353KB

  • Sample

    250107-am1m1axlem

  • MD5

    eec12a6e8e70e45579f8b99995e5dd19

  • SHA1

    c16da4e2a1020f24d923f1e450432e7974cb4b28

  • SHA256

    2bf0be66745f8efdf9d0a8c3b0682848f9f3bf745e651d648afb32fc58a02a93

  • SHA512

    95f759513b13e4f590dc488436b2036f90934553423ec034cf2bee04de9930c952b0d036991334c154aff92b8617d67dcd636b67a977e063e85f72f781bdfdf1

  • SSDEEP

    6144:W9xp1CYG+j2odAU9QQBkIpNZtoUg8O9TJRulPqr7HmtxhSxbgYOxPt:eRCJ+GU9PBZx1aRAAbZOx1

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://fancywaxxers.shop/api

Targets

    • Target

      2bf0be66745f8efdf9d0a8c3b0682848f9f3bf745e651d648afb32fc58a02a93.zip

    • Size

      353KB

    • MD5

      eec12a6e8e70e45579f8b99995e5dd19

    • SHA1

      c16da4e2a1020f24d923f1e450432e7974cb4b28

    • SHA256

      2bf0be66745f8efdf9d0a8c3b0682848f9f3bf745e651d648afb32fc58a02a93

    • SHA512

      95f759513b13e4f590dc488436b2036f90934553423ec034cf2bee04de9930c952b0d036991334c154aff92b8617d67dcd636b67a977e063e85f72f781bdfdf1

    • SSDEEP

      6144:W9xp1CYG+j2odAU9QQBkIpNZtoUg8O9TJRulPqr7HmtxhSxbgYOxPt:eRCJ+GU9PBZx1aRAAbZOx1

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks