Overview

overview

10

Static

static

3

CrosshairX.exe

windows7-x64

10

CrosshairX.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd8b6033995088c8e6dc1a94983c102a.bin

  • Size

    354KB

  • Sample

    250107-cawvdsykgv

  • MD5

    fbc96e34e2e6d6a6b8034dc5ec7053a8

  • SHA1

    17ef26527c0f81910c392bb78a026269fc37a370

  • SHA256

    7e6edac4180e2c4d5460e0535cc096c3dc4582a8c5892d7a0026b2ceb9e66988

  • SHA512

    3efcff6dd86a2a0ad004e1405729dbc254371a97c605a7c37359b274c7ec813c7bea70c0a85eb977ddecc3aa9e8b42dc53acfbadc28a7a90fe07829e77f75e19

  • SSDEEP

    6144:ID5XPhE+Emb8MFGkYFBUOdjjS8QnbOkdu+MO1gXuV/CWzbh2eMtxEerUD:8XpE+EYDUDwge8QbOkduG17qgh2eMtf8

Score
10/10
lummadiscoverystealer

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Targets

    • Target

      CrosshairX.exe

    • Size

      150.4MB

    • MD5

      c68c83300786177c8cdf38dc8b276937

    • SHA1

      500d471de0d74c2317033f39866692649dff47fb

    • SHA256

      e31ccd1df6c97cfce993def645f813d55405d3e5d858f0b2682a48ff2200888d

    • SHA512

      45c94294198d9666addcfd532895db7db38f9a672ed4a1f7ea4cd6a0bd344e8df9b03e52eabd56572b217a064b695b314407dc136196eeef01172320f4220e27

    • SSDEEP

      6144:pTPOsgo5qJgKjOfDDBrwHJAtlsGMpZh7exUG0Gv0JYlCaLkmJ3/n2b:pPOi8go6BrwSMpZg+GBv0JYlCahJ34

    Score
    10/10
    lummadiscoverystealer

    • Lumma Stealer, LummaC

      Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

      stealerlumma

    • Lumma family

      lumma

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks