General
-
Target
586c45b07a69a89813272e425388029f.bin
-
Size
1.0MB
-
Sample
250108-bxptxsxrev
-
MD5
d0e62bf335fa7c65ea89f064b27ec65f
-
SHA1
528b7a0aae52a716c00bcace4129a3417fc3092b
-
SHA256
a7b860cd0020b59d7ed767390906159eba438cedd0bdc365ae5912e12e9e7bdd
-
SHA512
74e9ef696fc75d1523368ceb2b6be5f5ea733f30d97f04833ed1e4ba3249c18e9109f43718d50847ab7dd8beba24b3948a638c1bbde4911e70d9edf728dd195d
-
SSDEEP
24576:VUlPMtOBku1znAS9M3ZvhldNKp182E9AcQX6HDx5w+HUJv:VJ6/BASK3ZvhxKTc9AcTud
Static task
static1
Behavioral task
behavioral1
Sample
41fcac4067db860114a270ffadb6083647ed54bc95e43faf1fffbb23f0cf2a2b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
lumma
Targets
-
-
Target
41fcac4067db860114a270ffadb6083647ed54bc95e43faf1fffbb23f0cf2a2b.exe
-
Size
1.1MB
-
MD5
586c45b07a69a89813272e425388029f
-
SHA1
979e0ccab38b87ac3d3d4c79a6a3d9351179df26
-
SHA256
41fcac4067db860114a270ffadb6083647ed54bc95e43faf1fffbb23f0cf2a2b
-
SHA512
b83a662985d4a1165e19bbbb52e10cbaefab972f8a8a5dd65a657b32c29a5d1b69f3c588c41469340538600ecc237a369b7dfca35cca18572511f2b997d1085e
-
SSDEEP
24576:SGjZb7WC6n1V1ZkIppYCHKW0pPM5nhO9LI5mnx1+lEU/6Wx:3VK11Vr/ppdqWy05nkLI5mn7DUCWx
-
Lumma family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Enumerates processes with tasklist
-