General

  • Target

    🌙𝐷𝑜𝓌𝓃𝓁𝓸𝒶𝒹-Setup✨𝐹!ℒ𝑒~-𝒞𝑜𝓂𝓅𝓁𝑒𝓉𝑒_6698_@!#.zip

  • Size

    925KB

  • Sample

    250107-x65sdsvngx

  • MD5

    5e79fffc30771fdb08137535489e8a2f

  • SHA1

    cd81b2a2bd9cd0985c6772c18b0638d5b81fd086

  • SHA256

    63ef8d228af12a1c7ee1b815b368bcac59da3d41dd35d7be1fe72968e96578c4

  • SHA512

    24ed405494f50e0d613097545173a591a6873c8034e3bc1374b46d6a3873f3ef50dd848b62c74c286e3a51d526007323d8f2dc1e0bbabfab0f52ece4e6afeb8f

  • SSDEEP

    24576:/fMc/Rxh2ZBUROEHjJu6lsDzWptuzEUO7JSs:/vxUUEEHA6lewv1X

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

https://skinfuzzerz.cyou/api

Extracted

Family

lumma

C2

https://skinfuzzerz.cyou/api
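
Both extracted configs belong to the same family and the second C2 list is a subset of the first, so one detection example covers both. The Python below is an added example and is not part of this report or of the sandbox's own tooling: it collects the C2 hosts from the two config blocks and the MD5/SHA256 values of the outer .zip and inner .7z listed in this report, then checks constructed proxy log lines and hex digests against them. The log layout (timestamp, client, method, URL, status) and the sample lines are assumptions made for illustration, not a real product format.

```python
"""IOC matcher built from the Lumma config and hashes in this report.

Added example; the log format and sample lines are constructed, the
C2 URLs and hashes are copied from the report.
"""
import hashlib
import re
from urllib.parse import urlsplit

# C2 URLs as extracted in the two "Malware Config" blocks of this report.
LUMMA_C2_URLS = [
    "https://cloudewahsj.shop/api",
    "https://rabidcowse.shop/api",
    "https://noisycuttej.shop/api",
    "https://tirepublicerj.shop/api",
    "https://framekgirus.shop/api",
    "https://wholersorie.shop/api",
    "https://abruptyopsn.shop/api",
    "https://nearycrepso.shop/api",
    "https://skinfuzzerz.cyou/api",
]

# Match on the host, not the full URL: the config shows the /api path, but a
# CONNECT through a proxy or a DNS lookup only exposes the hostname.
C2_HOSTS = {urlsplit(u).hostname.lower() for u in LUMMA_C2_URLS}

# File hashes from the "General" (outer .zip) and "Targets" (inner .7z) sections.
KNOWN_SHA256 = {
    "63ef8d228af12a1c7ee1b815b368bcac59da3d41dd35d7be1fe72968e96578c4": "outer .zip",
    "0422fac44159e855f7ac45bad8d9f1b57020924abe199102eee1c43d15d941af": "inner .7z",
}
KNOWN_MD5 = {
    "5e79fffc30771fdb08137535489e8a2f": "outer .zip",
    "3a14927593bba8d33a7f9404fa90b171": "inner .7z",
}


def host_from_log_field(field):
    """Extract a lowercase hostname from a bare host, host:port or full URL."""
    if "://" in field:
        return (urlsplit(field).hostname or "").lower()
    return field.split(":")[0].lower()


def match_proxy_log(lines):
    """Return (line_no, host) for every line whose destination host is a C2
    from this report.  Assumed line layout (constructed for this example):
    <timestamp> <client> <method> <url-or-host:port> <status>."""
    hits = []
    for n, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 5:
            continue  # malformed line; skip rather than crash the sweep
        host = host_from_log_field(parts[3])
        if host in C2_HOSTS:
            hits.append((n, host))
    return hits


def classify_hash(digest):
    """Look up a hex MD5 or SHA256 digest against the report's hashes.
    Returns the label ('outer .zip' / 'inner .7z') or None."""
    d = digest.strip().lower()
    if not re.fullmatch(r"[0-9a-f]+", d):
        return None
    if len(d) == 64:
        return KNOWN_SHA256.get(d)
    if len(d) == 32:
        return KNOWN_MD5.get(d)
    return None


def classify_file_bytes(data):
    """Hash raw file contents with both algorithms and classify the result,
    so a quarantined file can be checked without trusting a supplied hash."""
    return (classify_hash(hashlib.sha256(data).hexdigest())
            or classify_hash(hashlib.md5(data).hexdigest()))


# Constructed sample log lines (not taken from the report).
SAMPLE_LOG = [
    "2025-01-07T10:01:02Z 10.0.0.5 POST https://skinfuzzerz.cyou/api 200",
    "2025-01-07T10:01:03Z 10.0.0.5 GET https://example.com/index.html 200",
    "2025-01-07T10:01:09Z 10.0.0.7 CONNECT rabidcowse.shop:443 200",
    "2025-01-07T10:01:10Z 10.0.0.7 GET https://cdn.example.net/x.js 304",
]

if __name__ == "__main__":
    for line_no, host in match_proxy_log(SAMPLE_LOG):
        print(f"line {line_no}: contact with Lumma C2 host {host}")
    print(classify_hash("63EF8D228AF12A1C7EE1B815B368BCAC59DA3D41DD35D7BE1FE72968E96578C4"))
```

Matching on the hostname rather than the full URL is deliberate: the sandbox shows the beacon path, but most telemetry (DNS, proxy CONNECT, TLS SNI) never carries it, and the hosts are the stable part of this config. Hash matching is only a last-line check; the two archives here already differ by a few bytes of packaging, so expect re-wrapped lures to miss it while the C2 hosts still hit.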

Targets

    • Target

      #Pa$$CŌ𝔻e--6698__OpeN-Setup&!#.7z

    • Size

      917KB

    • MD5

      3a14927593bba8d33a7f9404fa90b171

    • SHA1

      0bbc976b1eae14b8c91cc35839fcb8743faa2642

    • SHA256

      0422fac44159e855f7ac45bad8d9f1b57020924abe199102eee1c43d15d941af

    • SHA512

      83e2d3f321b12a8ebe1071c55a30a5913170cf8fbe8596c9054ad8a6dd95d5cc10ec2f719df5b73116dad4b559757661f7fa4b2087501ad2296975b43a2e3469

    • SSDEEP

      24576:T/SW/RR92LvUjQEBFJwc3KDHWFrupEU+5QSw:T5RUU8EB8c38sLBM

    Score
    10/10
    • Lumma Stealer, LummaC

      Lumma, or LummaC, is an infostealer written in C++ and first seen in August 2022.

    • Lumma family

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks