General
-
Target
Loader (1234).zip
-
Size
321KB
-
Sample
250108-jk4rbazqhx
-
MD5
40056dd6503d8b8ab991fb74476a7ae4
-
SHA1
d410191cfecdd24616258816a791cd73cac085dc
-
SHA256
914b101fdf564f51a0d6f54c4874ea8eb92751e77047c286684a2c0d67e311c0
-
SHA512
f8dc157be2333e250c0c870ef84adf3dcd531da53d5fbd3548126e59d5a569045317c2cbb9712cd22cb6dcb98a59509e084e55375138ce94f99c5a58bec68072
-
SSDEEP
6144:vtEoB6JxwqvQpXtJqbylidIZcGSzkap2dqJIgykYrEw3GxX8Jv9aSl5ekdud:vKoBYiqweb+wIKGmtp2dqJhyRTMX8Jvm
Malware Config
Extracted
lumma
https://robinsharez.shop/api
https://handscreamny.shop/api
https://chipdonkeruz.shop/api
https://versersleep.shop/api
https://crowdwarek.shop/api
https://apporholis.shop/api
https://femalsabler.shop/api
https://soundtappysk.shop/api
Extracted
lumma
https://soundtappysk.shop/api
https://femalsabler.shop/api
https://apporholis.shop/api
https://crowdwarek.shop/api
https://versersleep.shop/api
https://chipdonkeruz.shop/api
https://handscreamny.shop/api
https://robinsharez.shop/api
Targets
-
-
Target
Loader.exe
-
Size
332KB
-
MD5
0b125c875863e31ad16aac7d7582ce55
-
SHA1
933b84d942cb26d28ed9ab27408be8de296f6985
-
SHA256
c58f3bbb0d5ad58c90f513f609c9b6e99d8af4c783c7f4e2953ef166dd152e91
-
SHA512
2d59da0e22912b39d6ffb888e5e27dc6283eba0f55784da576d2501f966b98efbd9117d4d02ce31c9b0493cde3631e304d3a28aa0c4f1a1466d7e14fb2ef1c25
-
SSDEEP
6144:G2Lodbzm2K8KSLP7dukNBgifWXSP4uTg4Mjy1avYjMq25DUZ11M/p:zLoEEdLPQUBZfWCRnMmwvYjk5DU2p
Score10/10-
Lumma Stealer, LummaC
Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
-
Lumma family
-
Suspicious use of SetThreadContext
-